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Risky  business?  IBM  GEO  SamPalmisano  says 

investing  $10  billion  in  oiHlemand  computing  isnt  a  risk.  PAGE  8 


Revival  of  the  fittest  Nortel  faces  an  uphill 

battle  as  it  revamps  its  enterprise  business  plans.  PAGE  15. 
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Your  presence 
is  requested: 


Start  with  the  Windows 
instant-message  client, 
stir  in  some  Session 
Initiation  Protocol, 
mix  with  voice  and 
video  apps,  and 
you've  got  real¬ 
time,  multimedia 
communications 
right  from  your 
desktop,  m  m 
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What  users  want 
from  Microsoft 


■  BY  JOHN  FONTANA 

If  customers  had  any  doubt  as 
to  Microsoft’s  dominance  in  the 
server  and  desktop  markets  they 
need  look  no  further  than  the 
latest  numbers  from  IDC. 

The  research  showed  Microsoft 
accounted  for  a  49%  share  of  the 
5.7  million  new  server  operating 


system  licenses  shipped  world¬ 
wide  in  2001,  an  increase  of  7% 
over  the  previous  year.  The  near¬ 
est  competitor  was  Linux  at 
25.7%.  And  Microsoft  took  home 
a  whopping  95%  of  the  desktop 
market,  a  1%  increase  over  the 
previous  year. 

To  get  a  sense  of  what  this  huge 

See  Microsoft,  page  14 
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Plan  to  give 
WLAN  users 
more  range 
nearly  done 


Gigabit  to 
desktop? 
Not  so  fast 


■  BY  JOHN  COX 

A  plan  that  would  let  wireless 
LAN  users  roam  among  service 
provider  networks  is  in  the  final 
stage  of  preparation  by  the  Wi-Fi 
Alliance. 

The  blueprint  is  a  set  of  best 
practices  for  wireless  LAN  ser¬ 
vice  providers  and  vendors,  as 
well  as  carriers.  Wireless  LAN 
sites  that  adhere  to  these  prac¬ 
tices  will  be  identified  by  a  new 
Wi-Fi  Alliance  symbol  —  Wi-Fi 
Zone  —  created  for  this  project. 

See  WISPr,  page  12 

■  Newcomers  Mobilian  and  Vivato 
give  glimpse  of  future  wireless 
LANs.  See  page  9. 


■  BY  PHIL  HOCHMUTH 

Vendors  might  be  moving  full- 
bore  to  drive  Gigabit  Ethernet  to 
the  desktop,  but  users  have  other 
plans  —  at  least  for  now. 

Hewlett-Packard  this  week  will 
debut  two  fixed-port  Gigabit 
Ethernet  switches  aimed  at 
desktop  users.  Foundry  Net¬ 
works  also  this  week  will  unveil 
a  Gigabit  workgroup  box.  Cisco 
recently  announced  -new  cop¬ 


per-based  Gigabit  switch  prod¬ 
ucts,  and  Dell  has  promised  to 
ship  its  business  PCs  with  inte¬ 
grated  lO/lOO/lOOOBase-T  ports. 

The  decision  to  upgrade  to 
Gigabit  seems  simple,  right? 

Not  so,  according  to  industry 
observers,  who  say  there  are  few 
applications  to  utilize  the  high¬ 
speed  network  gear,  and  tech¬ 
nical  hurdles  such  as  PC 
throughput  preclude  widespread 
See  Gigabit,  page  65 


‘Intrusion  prevention' 
raises  hopes,  concerns 


■  BY  ELLEN  MESSMER 

New  intrusion-detection  sys¬ 
tems  that  go  beyond  monitoring 
attacks  to  actually  blocking  them 
have  network  executives  in¬ 
trigued,  but  some  worry  that  the 
devices  could  quash  legitimate 
traffic,  cause  network  latency  and 
present  a  single  point  of  failure. 

Unlike  traditional  IDS  products 
that  stay  out  of  the  way  of  net¬ 
work  traffic,  passively  monitoring 
the  traffic  going  by  and  leaving 
the  blocking  of  attacks  to  routers 
or  firewalls,  these  new  “intrusion- 
prevention”  systems  inspect  traf¬ 


fic  directly  as  it  makes  its  way 
from  outside  a  corporate  LAN  to 
end  users’  desktops  (see  graphic, 
page  1 1). 


The  latest  vendors  to  air  plans 
for  such  intrusion-prevention 
appliances  are  Top  Layer 

See  Prevention,  page  11 


A I  If  you  have  critical  traffic 
flowing  through  critical  ports, 
you  have  to  be  concerned  about 
the  potential  of  false 
positives.  9  9 

Lloyd  Hession,  chief  security  officer,  Radianz 


apple.com/xserve 


Porsche  has  a  420-hp,  water-cooled. 

Presenting  Xserve,  one  of  the  fastest  1U  servers  on  Earth.  Featuring  the 
exceptional  performance  of  dual  1  GHz  PowerPC  G4  processors,  each  with 
2MB  of  Double  Data  Rate  (DDR)  L3  cache.  Best-in-class  storage,  with  up  to  480GB  on  four  hot-plug  ATA/100  drives.  And  best- 
in- class  networking  capabilities  with  standard  dual  Gigabit  Ethernet  ports.  Xserve  also  comes  with  UNIX-based  Mac  OS  X 
Server  software  (with  an  unlimited  client  license),  making  it  ideal  for  providing  file  and  print  services,  mail  and  web  services, 
streaming  digital  media  and  for  running  database  applications.  Xserve  is  also  perfect  for  computational  clustering  and  I/O 
intensive  applications  like  digital  video,  high-resolution  digital  imagery  and  managing  large  scientific  datasets.  And,  thanks 


TM  and  ©2002 Apple  Computer,  Inc.  All  rights  reserved.  Porsche  is  a  registered  trademark  of Dr.  Ing.  h.  c.  F.  Porsche  AG.  *  Restrict 


twin-turbo  power  plant.  We  have  this. 


to  a  convenient  visual  feedback  system,  you  can  monitor  the  performance  of  an  entire  rack  with  just  a  glance.  Or,  keep  an 


eye  on  Xserve  from  virtually  anywhere  with  Apple’s  next-generation  remote  management  tools. 
Plus,  you  can  swap  parts  and  replace  components  at  will  without  tools  and  get  instant  help  with 
4-hour  onsite  response  and  24/7  technical  support  with  AppleCare.*  Xserve  also  provides  out-of- 
the-box  support  for  Mac,  Windows,  UNIX  and  Linux  clients,  three  PCI  slots  (two  of  which  are 
64-bit,  66MHz),  software  RAID  mirroring  and  striping,  a  VGA  graphics  card,  two  USB  ports  and  a 


host  of  other  features  that  are  far  too  numerous  to  list  here.  Apple  Xserve.  Take  a  look  under  the  hood  at  apple.com/xserve. 


tfply  For  terms  and  conditions  associated  with  the  AppleCare  Premium  Service  and  Support  Plan,  iisit  umn.apple.com/support/produds. 


BladeStore 


There  are  plenty  of  ways  to  shorten  backup  windows.  And  StorageTek  is  just  the  company  to  find  the  one  that's  right 
for  you.  Maybe  it's  BladeStore  as  part  of  disk-to-disk  backup,  or  an  L-Series  automated  tape  library  with  the  industry's 
fastest  tape  drive  -  the  T9940B.  Whatever  the  solution,  we  think  you  deserve  a  day  of  rest.  Learn  more  about  this 
story  and  other  ways  we  can  help  you  at  www.savetheday.com  STO RAC ETE K%  Save  the  Day.” 
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Efialutts 


Your  presence  is 
requested 

Real-time  multimedia  communication  based 
on  Session  Initiation  Protocol  and  Windows 
Messenger  is  calling.  Page  44. 


Face-Off 

Are  Weblogs  a  legitimate  business  tool?  Bill  Keaggy,  left, 
of  XPLANE,  a  business  communications  company,  says  yes. 

But  Mark  Hurst,  an  Internet  analyst,  begs  to  differ.  Page  40. 


Review:  Gigabit  IDS 

We  took  six  of  the  leading  intrusion-detection  systems  and  cranked  them  to  gigabit  speeds. 
Unfortunately,  the  results  were  not  pretty.  The  IDS  products  missed  a  good  number  of  attacks 
during  baseline  testing,  and  performance  went  downhill  from  there  when  the  test  was  repeated 
at  gigabit  speeds.  Page  46. 
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New  technology  definitions 

Autonomic  computing,  iCal,  SyncML,  CAP  (Calendar  Access  Protocol), 
FTTH  (fiber  to  the  home),  DNS  Security,  LDP  (Label  Distribution 
Protocol)  and  Martini  draft.  Find  out  what  they  mean  and  look  up 
other  network  terms  in  our  encyclopedia. 

DocFinder:  2870 

Bug  Alert 

Windows  2000  Service  Pack  3  has  caused  a  lot  of  problems  for  those 
who  have  installed  it.  Jason  Meserve,  author  of  Network  World's 
Security  and  Bug  Patch  Alert  newsletter,  offers  help  and  advice  if 
you're  in  the  same  boat. 

DocFinder:  2942 

Free  downloads 

From  application  development  and  databases  to  management  and 
security,  check  out  our  free  and  evaluation  software. 

DocFinder:  2943 


Seminars  and  Events 

Convergence  is  a  go 

Voice  and  data  finally  can  be  converged  on  the  only  network  that  mat¬ 
ters:  yours.  Let  keynote  presenter  Steve  Taylor  be  your  guide  as  he 
shows  you  why  the  time  is  now  for  VoIP.  Come  to  Network  World's  Tech 
Update:  "VoIP:  The  Right  Time  for  a  Rollout"  and  find  out  how  to  start 
a  VoIP  implementation  today. 

DocFinder:  2645 


Columnists 

Compendium 

Another  anti-Outlook  coming 
Fusion  Executive  Editor  Adam  Gaffin  introduces  you  to 
Spaces,  a  Java-based  e-mail  client  and  personal  information 
manager  intended  to  replace  Outlook. 

DocFinder:  2944 

Help  Desk 

The  best  client-side  VPN  choice 

Columnist  Ron  Nutter  helps  a  user  who's  trying  to  decide 

between  VPN  hardware  and  software. 

DocFinder:  2945 

Home  Base 

Home  safe  home 

After  the  recent  sniper  tragedies,  columnist  Jeff  Zbar  says 
Congress  and  federal  agencies  are  turning  their  attention  to 

telework.  DocFinder:  2946 

View  from  the  Edge 

Odd  man  out 

The  Edge  Managing  Editor  Jim  Duffy  says  Lucent's  silence 
on  MPLS  switch  signals  the  product's  demise. 

DocFinder:  2947 


What  is  DocFinder? 

We’ve  made  it  easy  to  access  articles  and 
resources  online.  Simply  enter  the  four-digit 
DocFinder  number  in  the  search  box  on  the 
home  page,  and  you’ll  jump  directly  to  the 
requested  information. 
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Foreign-language  DNS  protocols  approved 

■  The  Internet  Engineering  Task  Force  has  approved  as  proposed 
standards  a  set  of  protocols  that  will  let  DNS  support  foreign-lan¬ 
guage  domain  names  and  today’s  English  derivatives.  The 
Internationalized  Domain  Names  in  Applications  protocols  con¬ 
vert  foreign-language  characters  into  U.S.  ASCII  equivalents.  To 
represent  the  foreign-language  characters,  the  IETF  chose 
Unicode,  an  industry  standard  that  the  International  Organization 
for  Standardization  developed.  Unicode  is  a  controversial  choice 
among  some  Asian  Internet  users  because  it  does  not  translate 
between  traditional  and  simplified  Chinese  character  sets  and 
can’t  distinguish  between  Chinese,  Korean  and  Japanese  charac¬ 
ters  that  look  the  same  but  have  different  meanings.  The  IETF’s 
IDNA  architecture  is  expected  to  have  a  significant  effect  on  the 
domain  name  industry  VeriSign  Global  Registry  Services  has 
promised  to  migrate  the  million  foreign-language  domain  names 
it  has  sold  to  the  standard.  And  the  Internet  Corporation  for 
Assigned  Names  and  Numbers  has  agreed  to  adopt  the  standards 
for  its  accredited  domain  name  registries  and  registrars. 

Pornography  sites  exploiting  expired  URLs 

■  More  than  1,500  mainstream  Web  sites  have  seen  their  expired  domain  names  pur¬ 
chased  by  pornography  operators  and  the  traffic  redirected  to  porn  sites  in  the  last 
six  months,  according  to  a  study  released  last  week  by  Websense.a  maker  of  Web  fil¬ 
tering  software.  In  addition,  the  Websense  study  found  that  during  the  same  time  frame 
more  than  3,000  Web  sites  that  used  to  feature  pornography  now  offer  mainstream  con¬ 
tent  —  a  sign  of  how  quickly  domain  names  change  ownership  these  days.  For  network 
executives,  the  research  underscores  the  need  to  track  expiration  dates  for  domain 
names  and  to  monitor  the  many  links  buried  within  their  sprawling  Web  sites  to  ensure 
that  the  corresponding  sites  haven’t  changed  hands,  Websense  says.  Websense  execu¬ 
tives  say  they  are  addressing  this  problem  with  a  master  database  that  is  refreshed  every 
seven  hours  to  keep  up  with  the  rapid  change  of  Web  site  content. 

Vignette  acquires  Epicentric 

■  Content  management  specialist  Vignette  says  its  acquisition  of  Epicentric  last  week  is 
in  response  to  customer  demands  for  software  that  integrates  content  management, col¬ 
laboration  and  portals.Vignette  announced  Tuesday  that  it  had  signed  a  definitive  agree¬ 
ment  to  acquire  the  portal  vendor  for  up  to  $32  million  in  cash  and  restricted  stock.The 
two  companies  have  partnered  in  the  past,  but  the  acquisition  will  enable  even  tighter 
integration  between  the  technologies  to  provide  a  framework  for  enterprisewide  con¬ 
tent  management  and  delivery,  says  Vignette  CEO  Thomas  Hogan.  Vignette  supports 

C  O  M  P  E  N  D  1  U  M 

Why  Yahoo  went  with  PHP 

One  of  the  world's  largest  sites  says  PHP  is  a  better  Web  scripting  language  than 
Peri/Java  and  others  for  a  variety  of  reasons,  including  its  simple  and  clear  syntax. 

Read  more  at  www.nwfusion.com,  DocFinder:  2941. 
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The  Good  hi  Bad  Hit  Ugly 


Touchy  feely  Internet  Researchers  3,000  miles  apart  at  MIT 
in  Cambridge,  Mass.,  and  University  College  London  last  week  demonstrated 
technology  that  enabled  them  to  exert  forces  through  the  Internet  to  move  a 
computer-generated  box  between  them.  The  “trans-Atlantic  touch"  technology 
involves  the  transmission  of  small  impulses  at  high  frequencies  over  fiber-optic 
links  as  well  as  robotic  arms,  called  phantoms,  attached  to  computers.  MIT 
says  it  could  be  years  before  the  technology  makes  its  way 
out  of  the  lab  but  that  medical,  teaching  and  other  important 
applications  could  be  the  result. 

InfiniBand-onment.  Here’s  one  more 
reason  for  those  of  you  betting  on  InfiniBand  to 
be  jittery:  Start-up  OmegaBand  last  week  called 
it  quits,  unable  to  sustain  operations  in  the 
tough  economic  climate.  The  Austin,  Texas, 
company,  which  picked  up  $6.5  million  in 
funding  this  year,  was  making  a  server  consolidation 
and  protocol  translation  appliance. 


To  err  and  err  and  err  is  human. 

One-third  of  network  outages  are  caused  by  humi 
error,  according  to  a  new  study  conducted  by  The 
Yankee  Group  (and  partially  sponsored  by 
management  system  vendor  Gold  Wire).  The  network 
decision-makers  from  229  corporate  and 
government  organizations  also  said 
their  carriers/ISPs  were  to  blame 
about  a  third  of  the  time.  > 


Epicentric’s  portal  technology  in  its  Version  6  and  plans  to  integrate  it  with  its  recently 
announced  Version  7  in  the  first  quarter  of  next  year. 

Judgement  day 

■  U.S.  District  Judge  Colleen  Kollar-Kotelly  late  Friday  approved  the  majority  of  the 
landmark  antitrust  settlement  reached  by  Microsoft,  the  federal  government  and  nine 
states  while  largely  ignoring  demands 


from  a  coalition  of  other  states  for  harsher 
penalties. 

The  settlement  prevents  Microsoft  from 
participating  in  exclusive  deals  that 
could  hurt  competitors;  requires  uniform 
contract  terms  for  computer  manufac¬ 
turers;  allows  computer  manufacturers 
and  customers  to  remove  icons  for  some 
Microsoft  features;  and  requires  that  the 
company  release  some  APIs. 

The  sanctions  will  last  for  at  least  five 
years  but  can  be  extended  for  another  24 
months,  according  to  the  judge’s  ruling. 
In  April  of  2000,  Microsoft  was  found  to 
have  violated  antitrust  laws,  illegally 
maintaining  its  monopoly  over  computer 
software  operating  systems  by  strong- 
arming  competitors. 


Corrections 


■  In  the  scorecard  of  the  story  “Rolling 
out  remote  access”  (Oct.  28,  page  56), 
the  SonicWall  score  should  be  listed  as 
3.3  out  of  5.  Also  in  the  NetResults 
graphic,  the  cons  of  each  product  were 
listed  in  the  incorrect  order.  For  a  cor¬ 
rected  version  of  these  charts,  go  to 
www.nwfusion.com,  DocFinder:  2858. 

■  In  the  BackSpin  column  titled 

:  "Anything  for  a  buck"  (Oct.  28,  page  76), 

|  a  reader  should  have  been  cited  as  Kale 
Lowman. 


As  the  world  leader  in  Internet  security,  Check  Point’s™  integrated  security  solutions  Connect,  Protect, 
Manage  and  Accelerate  the  network  security  of  more  than  1 00  million  users  worldwide. 


CONNECT.  Leading  global  companies  rely  on  Check  Point  VPN  PROTECT.  Check  Point’s  fail-safe  firewall  infrastructure  provides 
solutions  to  connect  employees  and  offices  everywhere.  Regardless  of  the  highest  level  of  security  for  every  network  from  the  edge  to  the 
where  business  happens— even  in  the  most  remote  locations— people  core.  Our  authentication,  access  control,  and  content  security  features 
and  companies  are  securely  connected  to  their  critical  information.  have  become  the  trusted  global  industry  standard. 

. - . - . - . 4- . ' . . . 

ACCELERATE.  Check  Point’s  VPN  and  firewall  solutions  deliver 
wire-speed  performance  up  to  three  times  faster  than  other  network 
solutions.  Now  you  can  maintain  absolute  network 
security  without  sacrificing  the  performance  of  business- 
critical  applications  or  bogging  down  your  network. 

Find  out  the  latest  in  Internet  security  by  downloading  our  white  paper  “Building  Secure  Wireless  LANs” 
at  www.checkpoint.com/wireless/nww  or  call  (866)  488-6686. 

We  Secure  the  Internet. 


Check  Point' 


SOFTWARE  TECHNOLOGIES  LTD 


MANAGE  Check  Point’s  revolutionary  Security  Management 
Architecture  (SMART-)  lets  you  instantly  deploy  and  distribute  security 
policies  regardless  of  user  location.  All  aspects  of  network  security  can 
be  defined  and  managed  from  a  single  console  dramatically  reducing 
your  total  cost  of  ownership. 


©  2002  Check  Point  Software  Technologies  Ltd.  All  rights  reserved. 
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Energy  firms  take  lesson  in  efficiency 


■  BY  JENNIFER  MEARS 

LAS  VEGAS  —  When  IT  profes¬ 
sionals  from  around  the  country 
gather  here  for  the  50th  Annual 
Energy  IT  Conference  and  Expo 
they’ll  get  the  usual  news  and 
insight  about  the 
best  technologies  for 
the  utility  industry, 
but  they’ll  also  take  a 
hard  look  at  budget¬ 
ing  and  productivity 

While  issues  such  as 
security  —  which 
topped  the  agenda 
last  year  —  outsourc¬ 
ing  and  wireless  tech¬ 
nologies  will  be  discussed,  the 
primary  thrust  is  expected  to  be 
about  doing  more  with  less.  Like 
most  U.S.  markets,  the  utility  in¬ 
dustry  has  felt  the  effects  of  the 
tightening  economy  Combine 
that  with  fallout  from  Enron’s 
collapse  and  deregulation  sna¬ 
fus  in  California,  and  energy 
companies  find  themselves  fac¬ 
ing  a  tough  economic  picture. 

“There  are  a  lot  of  financial 
pressures  on  companies  and 
that  translates  back  to  the  IT 
folks,”  says  Jon  Arnold,  formerly 
CIO  at  Edison  Electric  Institute 
and  now  editor  in  chief  of  Energy 
IT  magazine. 

Conference  organizers  expect 
about  500  IT  professionals  to  at¬ 
tend  the  conference  this  week,  a 
drop  from  the  700  that  took  part 
last  year,  Arnold  says. 

“One  of  the  big  things  we’ll 
look  at  is  how  do  you  survive  the 
budget  crunch  and  cost-cutting,” 
he  says.  “How  do  you  make 
money  with  what  you  have. . . . 
How  do  you  drive  the  cost  out  of 
doing  business?  [Utilities]  are 
trying  to  get  a  lot  smarter  about 
managing  their  assets.” 

At  Potomac  Electric  Power 
Company  (Pepco),  budgeting 
has  become  a  priority 

“We  had  a  five-year  IT  strategic 
plan  that  we  were  implement¬ 
ing  to  refresh  our  systems  to  try 
to  pick  up  some  savings  in  terms 
of  system  integration  and  so 
forth,”  says  Ken  Cohn,  vice  presi¬ 
dent  and  CIO  of  Pepco  Holdings 
in  Washington,  D.C. 

Specifically,  the  utility  is  using 
enterprise  application  integra¬ 
tion  to  link  its  SAP  PeopleSoft 
and  legacy  financial  systems. 

Energy  companies  are  getting 
back  to  basics,  analysts  say.  In¬ 
stead  of  looking  at  innovative 
e-business  projects, the  focus  of  IT 


MORE 

ILESS 

1  Budget  stretching 
strategies 

Online:  www.nwfusion.com 

DocFinder:  6433 


investments  these  days  is  on 
transmission  and  distribution; 
energy  trading  and  risk  manage¬ 
ment;  generation  and  supply;  and 
CRM,  specifically  in  the  areas  of 
analytics  and  collaboration,  says 
Terry  Ray  vice  president  of  energy 
information  strategies 
at  Meta  Group. 

Sessions  and  speak¬ 
ers  at  the  conference 
reflect  this  focus.  Is¬ 
sues  discussed  will 
include  the  impor¬ 
tance  of  integrating 
outage  management 
and  work  manage¬ 
ment  systems;  the 
benefits  of  business  process  out¬ 
sourcing;  and  who  is  using  cus¬ 
tomer  information  systems  and 
with  what  degree  of  success. 

A  panel  discussion  titled,  “IT 
Budgeting:  Making  Do  with  Less 
While  Achieving  More,”  will  pro¬ 
vide  examples  of  how  utility 


companies  are  coping  in  a  tough 
economic  climate. 

“IT  executives  are  having  to 
take  a  look  at  how  they’re  work¬ 
ing  together  with  the  business 
more  closely  It’s  really  going  to 
be  business  that’s  going  to  drive 
any  new  projects.  And  being  able 
to  make  a  solid  business  case  for 
new  projects  will  be  important,” 
says  Jill  Feblowitz,  service  direc¬ 
tor  of  the  energy  practice  at  AMR 
Research,  who  is  moderating  the 
panel  discussion. 

Tom  Pisello,  president  and  CEO 
of  Alinean,  a  developer  of  re¬ 
search,  methodologies  and  soft¬ 
ware  tools  to  measure  and  quan¬ 
tify  the  value  and  return  on  in¬ 
vestment  from  IT  investments, 
will  give  the  keynote  address  on 
Thursday  He’ll  advise  IT  execu¬ 
tives  to  look  at  tangible  and  in¬ 
tangible  benefits,  as  well  as  risks, 
and  to  analyze  proposals  on  a 
project-by-project  basis.  ■ 


Spending  slowdown 

Energy  companies  are  feeling  the  pinch  of  a  tight  economy. 

•  Two-thirds  of  companies  said  their  IT  budgets  will  remain 
flat  or  decrease  for  2003. The  average  decrease  is  19%. 

•  7%  of  companies  said  their  budgets  will  decrease  in  2004,  with 
an  average  10%  drop. 

•  45%  said  their  budgets  will  stay  the  same  in  2004. 

SOURCE:  AMR  RESEARCH  SURVEY  OF  CIOS  AT  29  OF  THE  COUNTRY'S  LARGE  ENERGY  UTILITIES 


In  a  recent  study  based 
on  the  responses  of  senior 
level  IT  professionals  at 
34  of  the  nation’s  large 
energy  utilities,  Meta 
Group  found  that  IT 
spendingdropped  in  2001 
for  the  first  time  in  four 
years  and  is  expected  to 
remain  flat. 


IT  spending  as  a  percentage  of  revenue: 
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SOURCE:  META  GROUP  REPORT  "INFORMATION 
TECHNOLOGY  SPENDING  IN  THE  ENERGY 
UTILITY  INDUSTRY” 


IBM  touts  on-demand  computing 


■  BY  ANN  BEDNARZ 

NEW  YORK  —  Bold  and  risky 
plans  from  technology  vendors 
aren’t  the  norm  these  days,  but 
IBM  is  trying  to  buck  that  trend. 

The  company  last  week  said  it 
is  investing  $10  billion  in  tech¬ 
nology  and  services  aimed  at 
treating  corporate  resources  like 
utilities  —  meaning  companies 
pay  for  only  the  processing 
power  they  use. 

Known  as  on-demand  comput¬ 
ing,  the  technology  would  let 
companies  gain  rapid  access  to 
resources  such  as  server  capa¬ 
city,  storage  and  bandwidth,  so 
they  can  respond  quickly  to  shift¬ 
ing  customer  demands  and  mar¬ 
ket  opportunities.  IBM  competi¬ 
tors  Sun  and  Hewlett-Packard 
also  are  pursuing  such  pay-as- 
you-go  computing  models. 

“You  cannot  find  a  business  ex¬ 
ecutive  in  the  world  that  doesn’t 
want  an  organization  or  a  com¬ 
pany  or  an  institution  that’s  fast 
to  change,  that  has  a  culture 
that’s  responsive  to  customers,” 
said  CEO  Sam  Palmisano,  who 
addressed  a  crowd  including  at 
least  300  customers  at  New  York’s 
Museum  of  Natural  History. The 
event  marked  Palmisano’s  first 
major  customer  address  since 
taking  the  company’s  top  seat  in 


March  and  a  day  after  IBM’s 
board  voted  to  make  Palmisano 
its  chairman  after  former  CEO 
Lou  Gerstner’s  retirement,  effec¬ 
tive  Jan.  1. 

It’s  a  $10  billion  gamble,  Palm- 


For  one,  on-demand  computing 
requires  better  utilization  of  com¬ 
puting  resources.  Palmisano  used 
statistics  about  the  relatively  low 
average  utilization  of  enterprise 
servers  and  storage  to  champion 


fcfcBig  bet?  Yeah,  big  bet.  Bold 
bet?  No  doubt  about  it,  it’s  a 
bold  bet  Risky  betp  I  don't  think 
so.  It’s  not  a  risky  bet.9l 

CEO  Sam  Palmisano  on  IBM's  investment  in 
e-business  and  on-demand  computing. 


isano  said.“Big  bet?  Yeah,  big  bet. 
Bold  bet?  No  doubt  about  it,  it’s  a 
bold  bet.  Risky  bet?  I  don’t  think 
so.  It’s  not  a  risky  bet,”  he  said. 

Though  Palmisano  downplayed 
its  risk  factor,  on-demand  com¬ 
puting  represents  a  marked  de¬ 
parture  from  IBM’s  proprietary- 
laced  history  Palmisano  acknowl¬ 
edged  creating  a  flexible  operat¬ 
ing  environment,  based  on  open- 
standards  and  equipped  with 
self-managing  capabilities,  re¬ 
quiring  a  different  approach  to 
designing  and  building  systems 
than  IBM  and  others  have  em¬ 
ployed  in  the  past. 


IBM’s  grid  computing  technolo¬ 
gies,  which  can  harness  surplus 
processing  power. 

“You  wouldn’t  be  an  airline  if 
you  had  90%  of  your  fleet  on  the 
ground.  If  you  were  a  hotel, you 
couldn’t  operate  with  95%  va¬ 
cancy  rates.  But  that’s  what  we 
have,”  Palmisano  said  of  today’s 
corporate  server  and  storage 
utilization. 

An  on-demand  infrastructure 
also  encompasses  autonomic 
computing,  which  describes  sys¬ 
tems  that  function  like  the 
human  body  —  able  to  protect, 
optimize  and  repair  themselves. 


Autonomic  computing  is  a  key 
focus  of  IBM,  which  last  week 
announced  it  is  forming  a  divi¬ 
sion  dedicated  to  adding  auto¬ 
nomic  features  throughout  its 
product  line. 

Analysts  say  Palmisano’s  speech 
demonstrated  his  vision  for  Big 
Blue  in  the  coming  years  —  even 
if  it  wasn’t  too  far  from  the  path 
his  predecessor  had  set. 

“Palmisano  took  a  good  cut  at 
the  vision  thing,”  said  analyst 
Steve  Milunovich,  first  vice  presi¬ 
dent  at  Merrill  Lynch,  in  his  com¬ 
mentary  on  the  event. 

Palmisano’s  talk  was  essentially 
an  extension  of  Gerstner’s  1995 
unveiling  of  IBM’s  e-business 
vision,  relying  on  familiar  IBM 
buzzwords  such  as  standards, 
solutions  and  integration,  he 
says.  “But  that’s  OK.  IBM  doesn’t 
need  a  new  strategy  in  our  view;’’ 
Milunovich  says. 

Forrester  Research  says  it  ap¬ 
plauds  IBM’s  commitment  “to 
transform  infrastructure  pricing 
to  help  companies  better  match 
IT  investment  to  business  re¬ 
turns.”  But  IBM  isn’t  alone  in  pur¬ 
suing  an  on-demand  model  and 
will  have  plenty  of  competition 
along  the  way  from  Sun’s  N1  and 
HP’s  Adaptive  Infrastructure  ini¬ 
tiatives,  says  Ted  Schadler,  group 
director  at  Forrester.  ■ 
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Start-ups  push  wireless  LAN  envelope 

Mobilian  embraces  802,11b  and  Bluetooth;  Vivato  airs  switch, 


Switched  on  wireless  LANs 

Vivato’s  wireless  switch  uses  a  phased  array  antenna  to 
shoot  narrow,  focused  radio  beams  to  wireless  devices. 
Unlike  shared  wireless  LANs,  a  Vivato-based  net  promises 
to  provide  maximum  throughput  to  each  client. 


Wired  LAN  Ethernet  switch 
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Up  to  1.2  miles 


Clients  with  802.11b 
wireless  LAN  adapters 


Vivato's  wall-mounted 
wireless  switch 


■  BY  JOHN  COX 

Two  new  companies,  Mobilian 
and  Vivato,  this  week  will  unveil 
products  that  hint  at  the  future  of 
enterprise  wireless  LANs. 

With  Mobilian  TrueRadio  chips, 
a  wireless  client  could  use  a  Blue¬ 
tooth  radio  to  work  with  assorted 
peripherals,  such  as  a  keyboard 
and  mouse.  At  the  same  time,  the 
client  could  use  an  802.1  lb  radio 
to  connect  with  a  wireless  LAN 
access  point. 

And  if  that  was  a  Vivato  access 
point,  relying  on  what  the  com¬ 
pany  calls  its  “phased  array 
antenna,”  an  indoor  client  could 
be  up  to  1.2  miles  away  and  still 
have  throughput  of  at  least  5M  to 
7M  bit/sec,  which  is  typical  for 
802.11b  wireless  LANs  today  at 
ranges  of  108  to  328  feet. 

Mobilian,  which  was  started  by 
former  Intel  and  Qualcomm 
executives,  now  is  shipping  sam¬ 
ples  of  its  chipset,  which  isolates 
the  802. 1 1  b  and  Bluetooth  signals 
from  each  other  to  minimize  in¬ 
terference  in  the  2.4-GHz  radio 


band  they  share.  Mobilian  execu¬ 
tives  say  they  hope  network 
adapter  makers  will  offer  cards 
based  on  the  chipset  that  cost 
less  than  $100  as  soon  as  April. 

A  demonstration,  using  a  Mobil¬ 
ian  test  board  that  was  almost  as 
big  as  the  laptop  to  which  it  was 
connected,  featured  Mobilian 


software  utilities  written  to  show 
how  802.11b  and  Bluetooth  nets 
were  performing.  The  wireless 
LAN  link  that  was  running  at 
about  3.7M  bit/sec  plummeted  to 
less  than  1M  bit/sec  when  the 
Bluetooth  card  on  the  laptop  acti- 
vated.Then.when  Mobilian  s  tech¬ 
nology  was  switched  on,  the  wire¬ 


less  LAN  link  surged  to  just  more 
than  4M  bit/sec,  with  the  Blue¬ 
tooth  card  still  active  completing 
a  file  transfer. 

“The  goal  is  to  let  a  laptop  or 
handheld  automatically  detect 
what  wireless  options  exist,  let  the 
user  select  one  and  then  auto¬ 
matically  connect  through  it,” says 
Wade  Gillham,  marketing  director 
for  Mobilian. 

Separately  Vivato  proposes  to  re¬ 
place  traditional  wireless  LAN  ac¬ 
cess  points  with  its  wireless 
switches. 

Other  vendors,  such  as  Blue- 
socket  and  Vernier,  also  are 
adding  switched  features  to  wire¬ 
less  LANs.  But  they’re  doing  so  in 
controllers  that  sit  on  the  wired 
net  behind  access  points. 

Vivato’s  switch  is  a  thin,  flat 
panel  that  mounts  on  a  wall.  It 
uses  a  phased  array  antenna  — 
actually  a  collection  of  small 
antennas  —  to  steer  narrow  radio 
beams  to  specific  client  devices. 
Most  wireless  LAN  access  points 
today  distribute  radio  as  a  light 
bulb  does  light,  blanketing  an 


area  with  radio  waves. 

As  an  Ethernet  switch  can  deliv¬ 
er  up  to  a  theoretical  10M  bit/sec 
of  throughput  to  each  desktop 
computer  or  server  on  a  wired 
LAN,  the  Vivato  switch  can  do  like¬ 
wise  for  wireless  LAN  users. 

The  Vivato  switch’s  narrow 
beams  make  it  possible  for  com¬ 
panies  using  it  to  increase  the 
range  of  the  wireless  connection, 
says  Phil  Belanger,  director  of 
marketing  for  the  San  Francisco 
company  Vivato  says  its  device, 
when  used  outdoors,  will  be  able 
to  connect  to  a  standard  802.1  lb 
client  up  to  4.3  miles  away. 
Belanger  says  the  Vivato  switch 
will  work  with  any  standard 
802.1  lb  client  adapter  card. 

The  Vivato  products  will  support 
a  range  of  network  security  stan¬ 
dards,  such  as  802. IX  and  IP 
Security  The  company  plans  to 
release  the  product  next  year,  but 
is  keeping  tight-lipped  about  ex¬ 
actly  when  and  about  how  much 
it  will  cost. 

Mobilian:  www.mobilian.com; 
Vivato:  www.vivato.net 


IBM  tailors  wares  for  HIPAA  readiness 

Portfolio  of  software,  hardware,  training  and  services  geared  for  healthcare  and  insurance  companies. 


■  BY  ANN  BEDNARZ 

BALTIMORE  —  IBM  said  last  week  it 
would  offer  healthcare  industry  customers 
software  that  can  help  them  implement 
government-mandated  business  processes 
faster  and  with  fewer  IT  resources  than  if 
they  went  at  the  process  alone. 

The  new  software,  called  WebSphere 
Business  Integration  for  HIPAA,  is  tailored 
for  healthcare  and  insurance  companies 
that  face  looming  deadlines  to  comply 
with  the  transaction,  privacy  and  security 
regulations  contained  within  the  federal 
government’s  Health  Insurance  Portability 
and  Accountability  Act. 

HIPAA  is  a  set  of  federal  transaction  and 
data  protection  regulations  for  healthcare 
providers,  plans  and  clearinghouses.  The 
HIPAA  regulations  are  designed  to  stan¬ 
dardize  electronic  data  interchange  (EDI) 
among  healthcare  industry  participants 
and  to  protect  patient  health  information. 

Specifically  the  WebSphere  technology 
translates  HIPAA-formatted  EDI  messages 
into  application  formats  that  a  company’s 
existing  systems  use.  IBM  says  it  can  help 
streamline  business  processes  —  by  auto¬ 
matically  populating  new  or  updated 
member  information  across  multiple 


health  plans,  for  example. 

Tommy  Gurganus,  director  of  regulatory 
compliance  at  National  Account  Service 
Company  (NASCO),says  HIPAA  compli¬ 
ance  is  a  tougher  challenge  than  a  com¬ 
pany  might  first  envision. 

“This  is  a  major  effort  by  all  players, 
providers  and  vendors  that  deal  with  any 
healthcare  insurance  transaction,  or  pri¬ 
vacy  or  security?’ Gurganus  says.“It’s  a  sub¬ 
stantial  change  to  everybody’s  systems.” 

NASCO,  which  is  based  in  Atlanta,  han¬ 
dles  health-benefits  processing  for  27 
BlueCross  BlueShield-affiliated  plans.  Last 
year  it  processed  75.7  million  claims  for 
more  than  6  million  members. 

IBM’s  expertise  with  EDI  transactions  and 
code  sets  was  a  big  draw  for  NASCO, 
Gurganus  says.  The  company  has  been 
working  with  IBM  for  more  than  two  years 
to  ready  its  systems  for  HIPAA,  reusing  as 
many  existing  resources  as  possible. 

“It  could  have  been  a  lot  more  expensive 
for  us  to  implement  this  had  we  gone  in 
there  and  totally  revamped  our  systems  on 
our  own,”  Gurganus  says. 

Today  at  NASCO,  HIPAA-ready  systems 
are  in  place.  The  company  now  is  con¬ 
centrating  on  testing  real-world  scenarios 
and  making  plan-specific  modifications 


to  meet  the  needs  of  its  customers  —  the 
BlueCross  BlueShield  companies  whose 
transactions  it  will  be  processing. 

“Our  goal  all  along  was  to  be  ready  by 
October  2002  so  that  we  could  have  more 
time  after  that  to  help  our  customers  be¬ 
come  compliant,”  Gurganus  says. 

WebSphere  Business  Integration  for 
HIPAA  is  part  of  a  bundle  of  management 
software,  training  products  and  profes¬ 
sional  services  that  make  up  IBM’s  full 
HIPAA  Readiness  Solution  Portfolio  (see 
graphic,  right). 

The  WebSphere  piece  includes  built-in 
content  to  help  users  automate  business 
processes  specific  to  the  healthcare  and  in¬ 
surance  industries,  such  as  claims  process¬ 
ing  transactions. 

Another  vendor  with  eyes  on  the  market 
for  HIPAA  assistance  is  Microsoft.The  com¬ 
pany  last  week  announced  Version  2.0  of 
its  BizTalk  Accelerator  for  HIPAA.The  new 
version  provides  prebuilt  support  for  the 
12  federally  mandated  transaction  steps 
and  adds  support  for  healthcare  claims  at¬ 
tachments.  This  addition  will  let  providers 
electronically  attach  reports  and  progress 
notes  with  each  electronic  claim  and  lets 
payers  receive  and  process  these  claims, 
Microsoft  says.  ■ 
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Preparing  for  HIPAA 

IBM’s  HIPAA  Readiness  Solution 
Portfolio  pools  IBM  hardware, 
software  and  services 
resources,  such  as: 
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Security  management  gets  easier 

GuardedNet,  Inteliitactics,  netForensics  add  event  translation,  analysis  features. 


New  in  security  management 

Security  information  management  companies  are  adding  more  collection,  correlation 
and  graphical  interfaces  to  their  software. 


Company 

Founded 

Product 

New  features 

Price 

GuardedNet 

1999 

neuSecure  1.6 

Database  agnostic,  universal  agent,  threat 
weighting  techniques  and  customizable  rules. 

$50,000 

Inteliitactics 

1996 

Network  Security 
Manager  4.0 

Real-time  correlated  event  view,  50  pre- 
loaded  rules  and  advanced  analytics  module 
for  security  threat  trend  analysis. 

$100,000 

netForensics 

1999 

netForensics  3.0 

Real-time  correlation,  event  scoring  and 
categorization  ability,  and  graphical 
visualization  of  security  devices. 

$45,000 

■  BY  DENISE  DUBIE 

Three  security  man¬ 
agement  software  mak¬ 
ers  are  improving  their 
respective  products 
with  features  that 
include  real-time  event 
correlation,  analysis 
to  prioritize  security 
events,  and  scalable  sys¬ 
tems  that  can  collect 
and  store  thousands  of 
events  per  second. 

Security  information 
management  (SIM)  ven¬ 
dors  GuardedNet,  Intelii¬ 
tactics  and  netForensics  upgraded  their 
flagship  products  recently  each  trying  to 
gain  ground  in  a  market  that  IDC  estimates 
is  worth  $15  million  today  and  is  set  to 
quadruple  to  $61.3  million  by  2005. 

SIM  software  automates  the  collection  of 
event  log  data  from  security  devices,  help¬ 
ing  users  make  sense  of  it  through  a  com¬ 
mon  management  console.  The  products 
use  data  aggregation  and  event  correlation 
features  similar  to  those  found  in  network 
management  software,  and  apply  them  to 
event  logs  generated  from  firewalls,  proxy 
servers,  intrusion-detection  systems  and 
antivirus  software. 

GuardedNet  has  expanded  its  database 
capabilities  to  allow  more  flexibility  in  stor¬ 
ing  volumes  of  security  data  for  trend 
analysis.  Inteliitactics  added  to  its  software 
50  prewritten  rules  the  company  gathered 
from  50  customers.  And  netForensics  part¬ 
nered  with  SilentRunner  —  a  network 
security  analysis  company  that  creates 
visual  representations  of  security  assets  — 
to  give  users  a  visual  layout  of  how  security 
devices  connect  and  interrelate. 

“The  visualization  with  the  SilentRunner 
module  allows  us  to  correlate  events 
across  the  enterprise,”  says  Matt  Speare, 
director  of  IT  risk  management  at  Ohio 
Savings  Bank  in  Cleveland.  He  says  his 
team  is  “impressed  with  the  intuitiveness” 
the  new  module  in  netForensics  3.0  pro¬ 
vides.  Speare  also  is  using  netForensics’ 
new  threat-scoring  feature,  which  assigns 
categorized  scores  to  security  assets  so 
managers  can  prioritize  the  importance  of 
individual  events  on  the  network. 

Inteliitactics  CTO  Paul  Sop  says  his  com¬ 
pany’s  Network  Security  Manager  (NSM) 
4.0  now  can  translate  the  effect  of  correlat¬ 
ed  security  events  into  plain  English.  NSM 
will  tell  a  security  manager  when  a  server 
infected  with  a  virus  or  vulnerable  to  a 
hacker  is  attempting  to  contact  other 
servers  and  potentially  spread  a  security 
threat  across  the  network.  For  example, Sop 
says,  NSM  could  send  a  message  such  as, 
“We’ve  seen  a  host  in  the  sales  group  that 
has  now  touched  five  business  locations.” 

“We  can  actually  take  200,000  events  and 
turn  them  into  readable  sentences,"  Sop 


says.“We  can  detect  if  a  threat  is  spreading 
and  characterize  that  into  relevant  descrip¬ 
tions  in  sentence  form.” 

SIM  software  also  can  collect  security 
data  from  security  devices  that  don’t 
broadcast  events  and  nonsecurity  devices 
through  the  use  of  universal  agents,  which 
users  configure  to  pull  data  from  those  spe¬ 
cific  devices.  GuardedNet  and  net¬ 
Forensics  added  universal  agents  to  their 
feature  list,  while  Inteliitactics  already 
offered  them. 

Tom  McNeight,  GuardedNet’s  new  presi- 


■  BY  ELLEN  MESSMER 

WALTHAM,  MASS.  —  Okena  last  week 
introduced  intrusion-detection  system 
management  software  that  goes  beyond 
simply  centralizing  the  process  of  control¬ 
ling  servers  and  PCs  running  the  com¬ 
pany’s  Storm  Watch  IDS  program. 

Like  other  IDS  mahagement  software, 
StormTrack  can  deliver  a  big  picture  of 
attempted  attacks  and  unauthorized  use.  In 
doing  so,  Okena  says  the  software  can  save 
IT  staffs  the  drudgery  of  managing 
machines  outfitted  with  StormWatch  one 
by  one. 

Where  StormTrack  is  different  is  in  its  abil¬ 
ity  to  collect  information  on  applications 
and  services  that  never  run  and  as  a  result, 
present  a  possible  security  hole.  The  soft¬ 
ware  also  can  be  used  to  keep  track  of 
where  different  versions  of  applications  are 
running  —  useful  information  for  compa¬ 
nies  trying  to  spot  programs  that  need  to  be 
updated  or  patched. 

The  Windows-based  software,  which  costs 
$500  per  server  and  $25  per  desktop  agent, 
also  has  a  network-discovery  component 
that  can  be  used  to  identify  which  servers 
and  desktops  are  not  running  Okena’s  IDS 
software  in  the  event  an  IT  staff  wants  to 


dent  and  CEO,  says  SIM  vendors  must  be 
able  to  seal  potential  holes  in  security  sys¬ 
tems  that  could  slip  by  a  human  operator. 
GuardedNet’s  neuSecure  1.6  “can  stop 
security  managers  from  being  over¬ 
whelmed  as  devices  continue  to  prolifer¬ 
ate,”  he  says. 

Vendors  such  as  e-Security  ArcSight  and 
OpenService  also  are  among  the  list  of 
newer  companies  attempting  to  address 
SIM  needs.  Security  industry  giants  such  as 
Check  Point  Software  and  Symantec  also 
announced  SIM  products  this  fall.H 


further  distribute  it. 

“StormTrack  consolidates  a  lot  of  things 
that  had  only  been  available  before  to  view 
on  a  per-machine  basis,”  says  Bill  Spemow, 
CIO  at  the  Georgia  Student  Finance 
Commission,  an  Atlanta-based  organiza¬ 
tion  that  receives  state  funding  for  student 
loan  programs.  “Like  a  network-discovery 
tool.it  does  process  discovery  and  gives  us 
interesting  insight  into  what’s  going  on  in 
our  network.” 

The  finance  commission  is  setting  aside 
$70,000  in  its  next  budget  to  purchase 
Okena  software  to  safeguard  its  new 
Windows  2000  network.  The  commission 
has  used  Okena  for  about  six  months  on 
assorted  Windows,  Internet  Information 
Server  and  Check  Point  servers. 

Spemow  says  StormTrack  can  not  only 
cast  light  on  which  servers  might  be  under 
attack,  but  also  report  on  application  prob- 
lems.The  Georgia  IT  staff  once  was  remote¬ 
ly  restoring  Microsoft  Advanced  Server  and 
overwriting  a  registry,  but  discovered  the 
old  and  new  registries  actually  had  merged 
instead.  “StormTrack  showed  us  what  our 
environment  processes  were,”  he  says. 

Okena  competes  with  Alladin,  Entercept 
and  Symantec. 

Okena:  www.okena.com 
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Networks  and  Sourcefire.  Top  Layer,  which 
already  makes  a  variety  of  network  security 
devices,  next  week  plans  to  announce 
appliances  focused  on  HTTP 
Port  80  attacks,  computer 
worms  and  other  signature 
attacks  it  says  companies  will 
not  hesitate  to  block.  Sep¬ 
arately,  Sourcefire  Founder 
and  CTO  Martin  Roesch  — 
who  has  commercialized  the 
Snort  intrusion-detection 
freeware  he  developed  — 
divulged  that  the  company  is 
readying  an  intrusion-preven¬ 
tion  device  for  early  next 
year.  These  companies  follow 
others  such  as  Internet 
Security  Systems  OSS),  Intru- 
Vert,  NetScreen  Technologies 
and  TippingPoint  Technol¬ 
ogies  into  the  market. 

For  organizations  seeing  no 
slowdown  in  attacks,  it  may 
be  hard  to  pass  up  new  offer¬ 
ings  despite  reservations  being  expressed. 

“Passive  monitoring  just  wasn’t  accom¬ 
plishing  anything,” says  Stephen  Olsen,  IT 
director  at  The  Las  Vegas  Review  Journal , 
which  has  used  the  NetScreen  1DP-100  to 
guard  its  multimegabit  Internet  access  con¬ 
nection.  But  the  Review  is  using  the  prod¬ 
uct  to  block  only  a  modest  portion  of 
known  attacks  because  of  concern  about 
dropping  legitimate  traffic  for  the  Web  sites 
the  publication  manages. 

With  the  FBI’s  help,  the  Review  is  chasing 
down  and  prosecuting  a  hacker  who  had 
attacked  the  publication  via  the  Internet. 
The  IDP-1 00-generated  report  helped  pro¬ 
vide  evidence  about  the  hackers  activity 
although  the  strongest  evidence  probably 
came  from  packets  originating  from  the 
hacker’s  IP  address  that  weren’t  blocked  as 
opposed  to  those  that  were,  Olsen  says. 

Such  issues  will  come  to  the  forefront  as 
more  companies  try  intrusion  prevention. 

“If  you  have  critical  traffic  flowing 
through  critical  ports,  you  have  to  be  con¬ 
cerned  about  the  potential  of  false  posi¬ 
tives,”  says  Lloyd  Hession,  chief  security  offi¬ 
cer  at  Radianz  in  New  York,  which  uses  the 
1SS  Guard  blocking  appliance  in  a  fail-safe 
mode  on  certain  segments  of  the  global  IP 
network  it  runs  for  5,000  financial  firms. 
“With  in-line  intrusion  detection,  the  real 
danger  is  that  you’ve  added  an  extra  hop, 
increasing  latency  and  introducing  a  single 
point  of  failure.” 

Hession  says  that  while  the  Guard  prod¬ 
uct  has  proven  its  worth  by  shutting  out  the 
Nimda  worm, among  others,  he’s  not  ready 
to  make  intrusion  prevention  ubiquitous 
on  the  Radianz  network, given  the  sensitive 


Read  more  about  protecting 
your  network  with  our  review  of 
Gigabit  intrusion-detection  sys¬ 
tems.  PAGE  46. 


nature  of  the  data  flowing  across  it. 

“There  are  latency  issues  with  these 
devices,”  he  says.  “You  add  a  significant 
delay  when  you  bring  one  of  these  into 
your  network.” 

Still,  users  say  the  risks  involved  with  mov- 


Network-based  intrusion  prevention 

New  appliances  work  at  near-gigabit  speed  to  block  attacks. 


Hacker  attempt,  denial- 
of-sen/ice  attack  or  worm 
is  directed  at  the  network. 
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Unlike  traditional  IDS  products,  an 
intrusion-prevention  appliance  operates 
in-line  and  actually  blocks  suspicious 
traffic  after  determining  it  is  an  attack. 


Traditional  IDS  products  mirror 
and  inspect  suspicious  traffic 
and  may  be  set  up  to  instruct 
a  firewall  or  router  to  block  it. 
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Traditional  IDS 


ing  to  the  new  products  are  acceptable 
given  the  shortcomings  of  traditional  IDS 
products,  which  send  alerts  signaling  that 
any  of  the  more  than  1 ,000  known  attacks 
or  denial-of-service  (DoS)  dangers  might 
now  be  at  a  company’s  door. 

“If  you  have  to  wait  for  a  router  or  firewall 
to  stop  some  of  these  attacks,  you’re  lost,” 
says  Chris  Da  Silva,  network  manager  at 
California  State  University  at  Hayward, 
which  is  installing  IntruVert’s  IntruShield  in 
front  of  a  firewall  to  help  protect  an  OC-12 
used  for  Internet  access.  DoS 
attacks  have  blasted  routers 
and  firewalls  off-line  too  fre¬ 


quently  he  says. 

“These  first-generation  devices  could  just 
sit  in  passive  mode,  waiting,”  says  Jim 
Graves,  vice  president  of  IT  at  the 
Englewood,  Colo.,  real-estate  investment 
firm  Archstone-Smith,  which  a  month  ago 
installed  TippingPoint’s  in¬ 
trusion-detection  appliance 
to  monitor  and  actively 
block  suspicious  traffic  over 
three  T-ls.“We  were  skepti¬ 
cal  at  first  about  intrusion 
prevention.  But  so  far  the 
TippingPoint  device  has 
been  stable,  blocking  thou¬ 
sands  of  known  attacks.” 

Graves  says  Archstone- 
Smith  blocks  720  known 
attacks  and  counted  about 
500  blocks  per  day.  He  has 
yet  to  see  any  evidence  that 
legitimate  traffic  is  being  fil¬ 
tered  inadvertently 
In  the  past,  Archstone- 
Smith  used  passive-monitor¬ 
ing  IDS  products,  including 
- 1  Cisco’s,  with  software  pro¬ 
grammers  writing  access- 
control  scripts  so  the  IDS  could  send 
instructions  to  the  firewall  and  router  to 
block  suspicious  traffic.  Using  TippingPoint 
has  eliminated  script  writing. 

But  Graves  acknowledges  that  using  in¬ 
line  intrusion  prevention  brings  the  risk 
that  when  the  device  fails  for  whatever  rea¬ 
son,  the  entire  segment  to  which  it  is  con¬ 
nected  could  be  disrupted. 

“It’s  a  single  point  of  failure,  and  you 
then  have  to  unplug  it,”  he  says.  But 
TippingPoint,  like  other  vendors,  is  said 

„  .  .  .  ..  ..  to  be  working  on  clustering 
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Server  vendors  queue  up 
behind  Intel's  new  processor 


■  BY  DENI  CONNOR 

The  promise  of  smaller,  higher-speed 
cache  memory  processors  has  server 
makers  lining  up  behind  Intel’s  new 
Gallatin  chip. 

The  2-GHz  servers  from  Hewlett-Packard, 
IBM  and  others  will  be  aimed  at  customers 
who  need  to  crunch  CRM,  database  and 
other  large-scale  applications.  The  com¬ 
pany  also  will  announce  that  an  eight-pro¬ 
cessor  ProLiant  DL760  will  be  available  in 
the  first  quarter  of  2003.  Unisys  also  is  ex¬ 
pected  to  ship  32-processor  ES7000 
Gallatin-based  servers  in  the  first  quarter. 

The  Gallatin  processor,  formally  called  the 
Intel  Xeon  Processor  MR  has  been  incor¬ 
porated  into  HP’s  four-processor  ProLiant 
ML570  server.  Dell  is  expected  to  announce 
today  that  its  PowerEdge  6600  and  6650 
servers  have  been  upgraded  to  Gallatin. 
And  IBM  is  expected  to  announce  that 
three  of  its  xSeries  servers  —  the  x225,x360 
and  x440  —  will  contain  the  processors. 

Intel  says  the  Xeon  Processor  MP  is  as 


much  as  38%  faster  than  its  dual-processor 
Xeon  DP-enabled  servers.  The  company 
says  the  processor  owes  its  performance 
improvements  to  increased  processor 
speeds,  double  the  cache  memory  of  the 
Xeon  DP  processor  and  a  new  manufac¬ 
turing  process  that  results  in  thin,  and  thus 
faster,  connections  between  components. 
The  Gallatin  processor  also  lets  hot-plug- 
gable  spare  or  mirrored  memory  be  in¬ 
stalled  in  the  case  of  a  failure. 

As  for  the  new  boxes,  HP’s  ML570  is  a  four- 
processor  1.4-GHz  server,  with  hot-plug¬ 
gable  mirrored  memory  and  seven  PC1-X 
slots.  It  starts  at  $6,920  and  is  available  now. 

IBM’s  x255  four-processor  server  will  start 
at  $6,170;  the  four-processor  x360  will  start 
at  $7,300;  and  the  x440,  which  has  four  to 
eight  processors,  will  start  at  $18,100.  IBM 
expects  the  x255  and  x440  servers,  which 
support  Linux  and  Microsoft  Windows,  to 
be  available  this  month;  the  x360  should  be 
available  in  December. 

Dell’s  6600  and  6650  units  start  at  $6,000 
and  are  available  now.  ■ 
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Next  year  corporate  users 
could  be  able  to  log  on  at  any 
public  access  point,  or  wireless 
LAN  hot  spot,  that  shows  the  sym¬ 
bol.  Such  users  will  be  authenti¬ 
cated  through  a  network  of 
Remote  Authentication  Dial-In 
User  Service  (RADIUS)  servers 
before  seeing  their  start-up  Web 
page  on  the  Internet  or  their  cor¬ 
porate  intranet. 

The  proposal  follows  last 
week’s  WFA  announcement  of  a 
software  fix  for  most  of  the 
biggest  security  flaws  in  the 
Wired  Equivalent  Privacy  (WEP) 
encryption  scheme,  which  is  part 
of  the  IEEE  802. 1 1  wireless  LAN 
standard.  The  security  improve¬ 
ment,  dubbed  Wi-Fi  Protected 
Access,  is  based  on  a  Microsoft 
implementation  of  a  draft  work¬ 
ing  its  way  through  the  IEEE  rati¬ 
fication  process. 

The  Wireless  Internet  Service 
Provider  Roaming  (WISPr)  pro¬ 
ject  was  announced  about  18 
months  ago.  Essentially,  the  WFA 
subcommittee  was  wrestling  with 


the  problem  of  how  to  make  wire¬ 
less  LAN-based  services  act  like 
cellular  telephone  services  —  get 
access  via  the  nearest  carrier, 
wherever  you  are,  and  have  all 
charges  appear  on  one  bill  from 
your  home  carrier. 

“The  Wi-Fi  Zone  logo  will  say  to 
users, ‘Here’s  a  place  that  adheres 
to  these  [WISPr]  standards,’  ”  says 
Roy  Albert,  vice  president  of  prod¬ 
uct  development  for  iPass,  a  con¬ 
nectivity  software  company  that 
partners  with  802.11b  service 
providers  to  create  an  internation¬ 
al  roaming  service  for  enterprise 
customers.  “So  users  will  know 
what  to  expect  in  logging  on.” 

Albert  predicts  that  devices 
eventually  will  alert  users  when 
they  come  within  range  of  a  Wi-Fi 
Zone  access  point.  If  they  click  on 
“connect,”  they’ll  be  connected 
and  the  authentication  process 
will  begin. 

Approved  two  weeks  ago,  the 
WFA  document  outlines  the 
steps  needed  for  wireless  LAN 
service  providers  to  create  a 
simple,  consistent  user  logon 
experience.  The  document  out¬ 
lines  a  way  for  users  to  log  on  to 


HOW  IT  WORKS 


The  word  on  WISPr 

Wi-Fi  hot  spot  providers,  involved  in  the  WISPr  project,  are  nearing 
agreement  on  a  system  that  would  let  end  users  access  the  Internet  or 
intranets  from  any  of  the  providers’  hot  spots. 

Hot  spot  operator  Optional  third-party  clearinghouse 


The  end  user...  O  Connects  to  an  802.11b  hot  ©  ...then  is  authenticated  by  RADIUS 
spot  access  point  and  logs  servers  located  at  participating 
on  via  a  Web  browser  or  service  providers... 
smart  client... 


©  ...and  is  given  access  to  the  intranet  or  the  Internet 
Billing  is  handled  through  a  third-party 
clearinghouse  or  by  the  service  providers. 


any  WISPr  wireless  LAN  with 
only  a  wireless  adapter  and  a 
Web  browser. 

The  recommendations  include 
a  set  of  attributes  to  be  used 
in  configuring  authentication 


Infonet  heads  into  VoIP 

Managed  service  aimed  at  saving  on  international  calls. 

VoIP  guarantees 


BY  TIM  GREENE 


EL  SEGUNDO,  CALIF  —  Infonet 
this  week  is  joining  a  growing 
number  of  carriers  that  offer  man¬ 
aged  IP  voice  services  that  can 
help  users  get  around  the  high 
cost  of  international  phone  links. 

Called  IP  Voice  VPN,  the  service 
connects  traditional  corporate 
PBXs  over  Infonet’s  international 
packet  network  rather  than  over 
traditional  long-distance  phone 
lines.  It  does  this  by  installing  and 
managing  IP  gateways  at  cus¬ 
tomer  sites  to  convert  PBX  signal¬ 
ing  and  traffic  to  IP 
Other  providers  offering  IP  voice 
include  Cable  &  Wireless,  AT&T, 

Equant  and  WorldCom,  with  Info¬ 
net  standing  out  for  its  reputation 
for  customer  service  and  the  number  of  countries  it 
reaches, says  Rena  Bhattacharyya,  an  IDC  analyst. 

Infonet’s  offerings  most  closely  compare  to  those 
of  Equant, says  Brownlee  Thomas,  a  director  at  Giga 
Information  Group,  because  both  providers  special¬ 
ize  in  international  networks.  Calls  between  coun¬ 
tries  are  the  most  expensive,  running  8  cents  per 
minute  and  more,  Giga  says,  and  putting  them  on 
packet  networks  can  save  companies  50%  to  70%. 

Using  the  service  within  the  U.S.  or  Europe  won’t 
bring  much  in  savings,  Thomas  says.  “With  long-dis¬ 
tance  at  3.2  cents  per  minute  or  1.6  cents  per 


Infonet’s  offering  provides 
the  following  service-level 
agreements: 

Delay:  Depends  on  the  link  (for 
example, Brussels  to  London,  30 
msec;  Los  Angeles  toTokyo,  130 
msec.) 

Packet  delivery:  99.8%  (not 
counting  the  access  network.) 

Jitter:  40  msec 

Provisioning:  20%  of  installation 
fee  credit  for  each  day  late. 

Problem  resolution:  Can  cancel 
service  without  penalty  if  problems 
are  not  escalated  according  to 
agreement. 


minute,  what’s  the  point?”she  says. 
The  IP  voice  service  enables  PBX- 
to-PBX  calls  in  45  countries.  For 
countries  outside  the  reach  of  the 
IP  network,  Infonet  can  connect 
its  IP  voice  customers  to  public 
phone  networks  in  200  countries. 

While  Equant  offers  manage¬ 
ment  of  LAN-based  IP  phone 
equipment,  Infonet  draws  the  line 
at  Cisco  gateways  it  leases  to  cus¬ 
tomers  and  that  link  legacy  PBXs 
to  Infonet’s  network.  Infonet  plans 
to  manage  IP  PBXs  and  even  desk¬ 
top  phones  down  the  road. 

By  working  in  tandem  with  exist¬ 
ing  PBXs,  this  service  lets  custom¬ 
ers  try  out  IP  voice  on  a  limited 
basis.  “One  problem  is  building  a 
level  of  confidence  with  this  tech¬ 
nology.  Carriers  need  to  demon¬ 
strate  this  technology  can  deliver  the  quality  of  ser¬ 
vice  customers  are  used  to,"  Bhattacharyya  says. 

She  notes  that  many  businesses  upgraded  their 
PBXs  within  the  past  three  years  to  avert  potential 
Year  2000  problems.  “To  transition  away  to  all  IP 
voice  is  a  big  investment.  IP  phones  can  cost  $300  to 
$400  each,” she  says. 

Infonet  would  not  reveal  its  pricing,  but  a  sample 
network  among  New  York,  Miami,  Los  Angeles,  Paris 
and  Rio  de  Janiero  would  save  44%  off  tariff-based 
calling.That  includes  2,000  minutes  per  month  of  off- 
net  calling  per  site.  ■ 


servers  and  databases  based  on 
the  RADIUS  protocol. 

For  corporations  that  want 
higher  security,  several  appen¬ 
dixes  outline  optional  recommen¬ 
dations.  One  is  the  General  In¬ 
terface  Specification  (GIS), which 
is  a  protocol  iPass  created  and  is 
freely  available  at  www.ipass 
.com/gis.  GIS  creates  a  standard 
way  for  clients  to  connect  consis¬ 
tently  and  securely  to  a  range  of 
access  gateways,  which  are  the 
bridges  between  the  wireless 
access  point  in  a  hot  spot  and  the 
back-end  provider  networks. 

Another  appendix  outlines 
the  use  of  public-key  infrastruc¬ 
ture  for  encrypting  communica¬ 
tions  links. 

The  WFA  document  is  being  dis¬ 
tributed  among  the  membership 
for  review  and  comment  before 
final  public  release,  probably  by 
year-end. 

Meanwhile,  the  WFAs  security 
announcement  last  week  might 
reassure  a  lot  of  enterprise  users. 

In  effect,  the  WFA  borrowed 
from  the  802. 1 1  i  work  those  parts 
of  it  that  could  be  implemented 
in  software,  to  make  possible  an 
early  fix  to  WEP’s  main  weak- 
nesses.The  final  IEEE  document 
is  not  expected  to  be  ratified  un¬ 
til  next  fall,  and  also  will  replace 
the  WEP  encryption  engine  with 
a  new  one  based  on  Advanced 
Encryption  Standard,  which  is 
likely  to  need  new  hardware  to 
be  implemented,  says  Yoram 
Solomon,  director  of  devel¬ 
opment  for  Texas  Instruments’ 
wireless  networking  business 
and  a  member  of  the  WFAs  secu¬ 
rity  committee. 

A  major  problem  with  WEPSolo- 


mon  says,  is  that  one  step  in  set¬ 
ting  up  the  encryption  key  uses  a 
relatively  small  number  of  bits.  If 
these  bits  are  cracked,  which  isn’t 
difficult,  an  attacker  can  derive 
the  key  and  decrypt  all  the  traffic 
that  uses  that  key 
The  WFA  proposal  changes  that 
key  faster  than  it  can  be  decryp¬ 
ted,  by  means  of  the  Temporal 
Key  Integrity  Protocol. 

Because  this  is  a  software 
change,  vendors  of  access  points 
and  adapters  can  simply  issue  a 
firmware  upgrade  to  activate  the 
improved  security;  or,  at  least  half 
of  the  improved  security:  right 
now  the  only  client  operating  sys¬ 
tem  that  supports  the  enhanced 
security  is  Windows  XP 
The  Wi-Fi  Protected  Access  soft¬ 
ware  is  based  on  a  Microsoft  imp¬ 
lementation  of  the  early  802.1  li 
work,  Solomon  says.  The  client- 
device  operating  system  also 
must  support  the  software  stack 
and,  today,  only  Microsoft  XP 
does  so. 

That  gap  can  be  filled  by  third- 
party  implementations  for  other 
operating  systems,  until  the  plat¬ 
form  vendors  incorporate  it. 

The  WFA  has  outlined  a  testing 
and  certification  program  to 
ensure  that  products  using  Wi-Fi 
Protected  Access  will  work 
with  each  other.  Preliminary 
testing  starts  this  month,  with 
full-scale  certification  begin¬ 
ning  in  February. 

Wi-Fi  Protected  Access  will  be 
an  optional  feature  in  products 
bearing  the  Wi-Fi  logo  until  July 
when  it  will  be  mandatory.® 
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collection  of  customers  would 
like  to  see  next  from  Microsoft, 
we  polled  a  cross  section  of 
them.These  were  their  top  issues: 


1  Patch  manage- 
B  merit 


Users  say  there  is  no  excuse  for 
releasing  software  that  needs 
patching  as  much  as  Microsoft’s. 
But  if  they  have  to  live  with  that 
inevitability  Microsoft  should  at 
least  offer  a  good  system  for  man¬ 
aging  patches  that  now  arrive  in  a 
variety  of  formats  to  be  applied 
with  different  automated  tools. 
Patch  management  has  been  an 
art,  not  a  science. 

“Microsoft  can  develop  an 
Internet  browser  so  integral  a 
part  of  their  operating  system  that 
to  remove  it  would  detract  great¬ 
ly  from  the  value  of  the  [operat¬ 
ing  system],  per  the  recent 
antitrust  case,  but  they  can’t  make 
patch  management  just  as  inte¬ 
gral  a  part  of  the  [operating  sys¬ 
tem]  ?”says  Jeff  Allred,  manager  of 
network  services  for  the  Duke 
University  Cancer  Center  in 
Durham,  N.C. 

Allred  calls  Microsoft’s  current 
efforts  “lip  service”  and  not  any¬ 
where  close  to  what  Microsoft 
should  be  capable  of  producing. 
Users  say  Microsoft  must  get  patch 
management  right  to  form  a  foun¬ 
dation  for  other  advancements. 

“Tire  next  step  will  be  to  tackle 
more  challenging  systems  man¬ 
agement  problems  such  as  perfor¬ 
mance  monitoring,  reporting  and 
management,”  says  A]  Williams, 
director  of  distributed  systems 
group  at  The  Pennsylvania  State 
University  in  State  College. 


g  Security 


Without  answers  to  the  patch 
problems,  security  will  always 
suffer.  Microsoft  earlier  this  year 
announced  its  Trustworthy  Com¬ 
puting  Initiative  to  develop 
secure  code,  but  users  call  it 
only  a  small  step. 

“My  wish  list  includes  some  type 
of  Microsoft  security  organization 
that  has  branding,  services  and 
products  that  are  security  con¬ 
scious  and  adaptive.  Kind  of  the 
'Intel  Inside’  scheme  but  under 
the  trustworthy  ideals,”  says  Ken 
Winnell,  CEO  of  Econium  in 
Totowa.NJ., which  develops  XML- 
based  applications  based  on 
Microsoft  Net  and  Java/Java  2 
Platform  Enterprise  Edition  tech¬ 


nology  He  says  the  scheme  could 
include  products  that  range  from 
identity  and  access  management 
to  reliability  and  hackproof  code. 


■  Training 


“Two  weeks  to  become  a  Micro¬ 
soft  Certified  Systems  Engineer?” 
asks  Doug  Spindler,  project  coor¬ 
dinator  for  Active  Directory  at  the 
Lawrence  Berkeley  National  Lab¬ 
oratory  in  Berkeley  Calif. ‘Ask  any 
educator  how  much  information 
the  average  student  retains; 
maybe  1%?” 

Spindler  says  as  an  employer, 
and  an  MCSE  himself, that  he  feels 
cheated.  “Certification  should  be 
more  like  a  two-year  degree  pro¬ 
gram.  The  certification  classes 
are  focused  more  on  passing  the 
test  than  on  learning  the  tech¬ 
nology”  Spindler  says  he  can’t 
think  of  one  other  certification 
that  can  be  obtained  in  two 
weeks  for  anything  that  is  as  crit¬ 
ical  as  computer  systems  are  for 
the  health  of  a  business. 


4 

Tl  Licensing 

Microsoft  touched  off  a  fire¬ 
storm  last  year  when  it  intro¬ 
duced  its  Licensing  6.0  program, 
which  many  customers  said,  and 
later  proved,  would  cost  them 
more  money  to  run  Microsoft 
software. 

“My  greatest  concern  isn’t  with 
the  Microsoft  technology  it  is  with 
the  changes  in  licensing  and 
product  pricing,”  says  Greg  Scott, 
IS  manager  for  the  Oregon  State 
University  College  of  Business  in 
Corvallis.“The  lack  of  consistency 
from  one  year  to  the  next  makes 
me  very  nervous  about  commit¬ 
ting  to  Microsoft.” 

Some  of  the  issues  also  related 
to  Microsoft’s  end-user  licensing 
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agreements,  newer  versions  of 
which  users  say  give  Microsoft  the 
ability  to  automatically  install  soft¬ 
ware  over  the  Internet  without 
user  consent. 

“As  someone  who  is  responsible 
for  maintaining  computers  that 
are  used  for  maintaining  safety 
alarms,  building  controls,  toxic 
waste  disposal  equipment,  and 
other  environmental  health  and 
safety  controllers,  this  doesn’t  ex¬ 
actly  give  me  a  warm,  fuzzy  feel¬ 
ing,”  says  Dennis  Soper,  network 
supervisor  for  facilities  services 
for  the  University  of  Oregon  in 
Eugene. 

5 

Support 

Users  also  would  like  to  see 
Microsoft  do  a  better  job  of 
support. 

“I’d  like  to  see  enhancements  to 
Microsoft  Premier  Support,  in¬ 
cluding  architectural  documenta¬ 
tion  [on  the  installations  of  Micro¬ 
soft’s]  major  clients  to  enable 
appropriate  escalation  to  proper 
technical  resources  as  well  as 
faster  resolution  times,” says  David 
Ellis,  senior  technical  analyst  for 
Carlson  Shared  Services  in  Min¬ 
neapolis.  “We  hate  getting  stuck 
with  a  Microsoft  junior  techni¬ 
cian,  explaining  our  issues, getting 
a  blanket  answer  such  as  ‘just 
reboot’,  getting  transferred  to  the 
proper  level  of  technician  and 
having  to  explain  our  system  and 
issues  all  over  again.” 

Management 
■  tools 

The  fact  that  so  many  Microsoft 
products  have  become  critical 
cogs  in  corporate  network  infra¬ 
structures  means  Microsoft  must 
improve  its  management  tools, 
users  say 

“They  need  better  system  ad¬ 
ministration  tools  for  logging, 
monitoring,  Active  Directory 
management  and  workstation 
configuration,”  says  Thomas 
Gaylord, CIO  for  the  University  of 
Akron  in  Ohio. 

Gaylord  says  the  current  tool  set 
doesn’t  scale  and  is  homoge- 
neous.“And  it  needs  to  be  central¬ 


ized  so  that  it  doesn’t  take  an 
army  of  technicians  to  manage  it,” 
he  says. 

Users  also  want  to  see  product- 
specific  tools  improved. 

“It  is  impractical  that  we  have  to 
spend  extra  money  to  get  proper 
queue,  volume  and  usage  moni¬ 
toring,  alerting  and  reporting  tools 
for  [Exchange]  ”  Ellis  says. 

7  Consistency  in 

■  product  upgrades 

“It  seems  that  every  time  a  prod¬ 
uct  changes  versions,  customers 
are  supposed  to  scrap  everything 
they’ve  done  and  start  over?  says 
Nelson  Ruest,  director  of  consul¬ 
tancy  Resolution  Enterprise.  He 
says  a  perfect  example  is  Office 
with  its  changing  file  formats, 
including  additional  changes 
coming  in  Office  11.  “And  that 
doesn’t  even  begin  to  include  all 
the  macros  and  applications  that 
were  built  on  the  former  platform.” 

He  says  Microsoft  needs  to  get 
this  right  before  it  introduces  its 
universal  file  system  sometime  in 
2005  with  its  Longhorn  version  of 
Windows. 

“Conversion  tools  for  both 
information  and  applications 
will  be  a  key  to  the  success  of  the 
universal  store,”  he  says. 

Integration  with 
■  other  vendors 

“My  No.  1  wish  is  that  Microsoft 
would  recognize  that  there  real¬ 
ly  is  room  for  more  than  just 
them  in  the  software  business 
and  that  they  would  bury  the 
hatchet  with  certain  companies 
and  work  to  better  integrate 
technology”  says  Jeff  Durfee,  IT 
manager  of  Milton  J.  Wood  Co.  in 
Jacksonville,  Fla. 

Durfee  says  he  doesn’t  care  for 
an  all-Microsoft  world  just  as  he 
didn’t  care  for  a  world  dominat¬ 
ed  by  IBM  in  the  1970s  and  early 
1980s. 

“No  amount  of  advertising  or 
cajoling  is  going  to  willingly  make 
me  go  down  the  vendor  lock-in 
path  again,”  he  says.  ■ 
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More  bandwidth,  please 

A  look  at  the  applications  that  are  driving  demand 
for  10G  Ethernet  in  the  enterprise. 


BY  STEVE  ULFELDER 

The  old  saying  says  you 
can  never  be  too  thin 
or  too  rich.  Where 
computing  is  concerned,  you 
can  never  have  too  much 
processing  power  or  too 
much  bandwidth.  Thus,  it 
seems  surprising  that  some 
enterprises  remain  uncoiv 
vinced  that  they  need  10 
Gigabit  Ethernet. 

From  storage  to  boundary-pushing  LANs, 
a  number  of  applications  scream  for  1 0G 
Ethernet  technology.  Even  emerging  Web 
services  may  require  more  bandwidth  than 
most  businesses  have  today.  Here  we 
explore  the  applications  that  will  drive 
demand  for  10G  Ethernet  in  the  enterprise. 

On  the  farm 

Servers  that  used  to  be  distributed  to  the 
department  level  are  now  often  consolidated 
into  central  server  farms  that  must  support 
high  transaction  rates.  To  minimize  conges¬ 
tion,  these  servers  need  high  bandwidth 
rates.  “Imagine  a  server  farm  with  20  or  30 
servers,  each  with  a  Gigabit  Ethernet  link,” 
says  Andrew  Feldman,  vice  president  of  cor¬ 
porate  marketing  at  Riverstone  Networks  in 
Santa  Clara,  Calif.  “You  need  a  lOGig  link 
to  really  get  the  most  out  of  that.” 


"When  you  talk  about  communicating 
video,  voice  and  data  over  the  same 
network.  10  Gig  just  makes  sense." 
says  John  Alberg.  co-founder  and  vice 
president  of  engineering  at  Employease, 


SCOTT  JOLLIFF 


“We  use  Gigabit  Ethernet  in  our  data  cen¬ 
ter  right  now,  and  we  see  insatiable  demand,” 
says  John  Alberg,  co-founder  and  vice  presi¬ 
dent  of  engineering  at  Employease,  an 
Atlanta  provider  of  human  resources  and 
benefits  systems.  “These  days,  the  way  people 
add  incrementally  to  data  centers,  what  used 
to  be  the  memory  bus  is  now  the  network. 
Having  lOGig  Ethernet  would  really  add  a 
comfort  level  as  we  expand.” 

The  LAN  becomes  a  MAN 

Lawrence  Orans,  an  analyst  at  Gartner, 
believes  10G  Ethernet  will  make  its  first 


inroads  in  the  enterprise  LAN  backbone,  an 
arena  already  dominated  by  Ethernet.  After 
all,  100M  bit/sec  Ethernet  links  to  desktops 
are  increasingly  common,  as  is  Gigabit 
Ethernet  linking  wiring-closet  switches  to 
backbone  switches;  and  10G  Ethernet 
serves  as  a  scalable  connection  between 
LAN  backbone  switches,  Orans  says. 

Moreover,  most  servers  now  come  stan¬ 
dard  with  Gigabit  Ethernet  network  inter¬ 
face  cards,  so  10G  Ethernet  is  a  sensible 
uplink  between  switches  that  connect  serv¬ 
er  farms  with  Gigabit  Ethernet  interfaces 
and  the  LAN  backbone. 
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While  Gigabit  Ethernet  supports  single- 
mode  fiber  distances  up  to  5  km,  or  about  3 
miles,  10G  extends  that  distance  to  40  km, 
nearly  25  miles.  This  longer  run  may  be  the 
surprise  “killer  app”  for  10G  in  the  enter¬ 
prise,  analysts  say,  because  it  enables  com¬ 
panies  to  extend  their  LANs  into  metropol¬ 
itan-area  networks  (MAN).  As  a  result, 
businesses  could  move  their  data  centers  40 
km  from  their  main  campuses  —  to  real 
estate  that  is  often  far  less  expensive. 

In  the  SAN 

It’s  no  secret  that  storage-area  networks 
(SAN)  are  taking  off  in  the  enterprise; 
Boston-based  Pioneer  Consulting  predicts 
worldwide  SAN  equipment  sales  will  leap 
from  $7.5  billion  this  year  to  almost  $84 
billion  by  2007.  Similarly,  the  growth  of 
network-attached  storage  (NAS),  while  not 
as  explosive,  helps  signal  that  direct- 
attached  storage  is  no  longer  sufficient  for 
large  businesses. 

Long-distance  storage  networks,  and 
the  data  distribution  they  entail,  make 
sense  for  a  variety  of  reasons,  according  to 
Anne  Skamarock,  a  senior  analyst  at 
Enterprise  Management  Associates  in 
Boulder,  Colo.  Business  continuity  is  one. 
Companies  are  concerned  that  a  catastro¬ 
phe  could  wipe  out  their  data  if  it’s  concen¬ 
trated  in  a  single  data  center.  “Gigabit  and 

10  Gigabit  Ethernet  allow  people  to  solve 
both  business-continuance  and  data-distri- 
bution  issues,”  she  says.  “It’s  not  just  tacti¬ 
cal;  it’s  a  strategic  investment  for  storage 
networking.” 

One  reason  enterprises  have  been  reluc¬ 
tant  to  access  storage  through  an  IP  net¬ 
work  is  latency,  Skamarock  adds. 

“Obviously,  10G  Ethernet  will  allow  the 
packets  to  move  significantly  faster  —  and 
allow  for  more  traffic  to  be  put  on  the  net¬ 
work.”  The  emergence  of  10G  Ethernet 
opens  new  doors  in  high-performance  file¬ 
sharing,  synchronous  mirroring  and  inter¬ 
connection  of  Fibre  Channel  SANs. 

Bill  Voegele,  manager  of  the  enterprise 
storage  group  at  Minneapolis-based  food 
wholesaler  Supervalu,  says  10G  Ethernet 
would  be  a  welcome  addition  to  his  SAN, 
which  boasts  256  open  ports  and  more  than 

1 1  terabytes  of  data.  “As  the  cost  comes 
down,  why  wouldn’t  you  want  more  band¬ 


width?”  he  says.  (While  the  per-port  cost  of 
10G  Ethernet  is  about  $39,000  today,  com¬ 
pared  with  $1,000  for  Gigabit  Ethernet,  the 
Dell’Oro  Group  predicts  it  will  fall  to  about 
$7,800  by  2005.) 

In  the  WAN 

Because  SONET  is  the  dominant  trans¬ 
port  protocol  in  today’s  WAN  and  MAN 
backbones,  the  IEEE  task  force  that  devel¬ 
oped  the  10G  Ethernet  standard  specified 
an  interface  that  works  with  SONET-based 
access  equipment  and  data  rates,  without 
protocol  conversion  (see  story,  page  6). 

IP  convergence. 

The  real-time  data  transfer  required  by 
voice  over  IP  (VoIP)  and  video  on  demand 
places  enormous  strain  on  enterprise  net¬ 


works,  and  the  technologies  are  growing 
rapidly  in  popularity.  According  to  Gartner 
Group,  80%  of  Global  2000  businesses  will 
implement  an  IP-based  content  delivery 
network  by  2006.  Analysts  say  10G 
Ethernet  will  become  a  must-have  technol¬ 
ogy  for  such  highly  stressed  networks  —  in 
part  because  additional  bandwidth  goes  a 
long  way  toward  addressing  quality-of-serv- 
ice  issues. 

For  example,  VoIP  is  expected  to  take 
hold  in  the  enterprise  over  the  next  three 
years  as  businesses  replace  existing  PBX 
equipment  with  IP-enabled  PBXs.  To  ensure 
VoIP  quality  equals  that  of  traditional 
phone  lines,  the  voice  traffic  needs  dedicat¬ 
ed  bandwidth  and  must  be  prioritized  above 
other  traffic. 


“The  additional  bandwidth  of  10G  Ethernet 
makes  that  a  more  feasible  prospect,”  says 
Ben  Goldman,  director  of  product  market¬ 
ing  at  Cisco. 

“When  you  talk  about  communicating 
video,  voice  and  data  over  the  same  net¬ 
work,  10  Gig  just  makes  sense,”  Employ- 
ease’s  Alberg  says  .  “I  expect  convergence  to 
be  a  major  driver.” 

Web  services. 

Web  services  —  software  applications  that 
dynamically  interact  with  other  Web  appli¬ 
cations  using  open  standards  —  are  staking 
a  major  claim  in  the  enterprise.  A  recent 
survey  from  Evans  Data  Corp.  indicates  that 
Web  services  are  much  more  than  the  buzz¬ 
word  du  jour:  98%  of  the  respondents  (IT 
managers  at  large  U.S.  enterprises)  said  they 


will  develop  Web  services-enabled  applica¬ 
tions  in  the  next  two  years. 

While  the  definition  of  Web  services  is 
broad  and  ever-changing,  everybody  agrees 
that  the  practice  entails  transmitting  enor¬ 
mous  quantities  of  data  using  common 
Internet  protocols.  Goldman  says  this  could 
spur  10G  Ethernet’s  crossover  from  a  tech¬ 
nology  used  primarily  within  the  campus  to 
beyond-the-campus  applications.  “Web 
services  bring  a  need  for  very  high-speed 
connectivity  for  massive  amounts  of  data,” 
he  says.  “It’s  absolutely  a  major  driver  for 
10G  Ethernet.” 

Ulfelder  is  a  freelance  writer  in  South- 
borough,  Mass.  He  can  be  reached  at 
sulfelder@yahoo .  com . 


10G  ETHERNET  APPLICATIONS  IN  THE  ENTERPRISE 

Application 

Role  of  10G  Ethernet 

In  the  data  center 

Provides  a  scalable  uplink  from  server  clusters  linked  by  Gigabit 
Ethernet. 

Storage 

As  NAS  and  SANs  grow,  businesses  need  high-bandwidth  links 
to  reduce  latency. 

Extending  the  LAN 

Its  longer  fiber  runs  will  allow  LANs  to  break  free  of  campus 
boundaries,  extending  into  the  MAN. 

WAN  inroads 

10G  interoperates  with  OC-192  SONET  without  significant 
performance  loss. 

IP  convergence 

High-bandwidth  networks  will  be  a  must  for  enterprises  creating 
converged  voice/video/data  networks. 
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The  first  complete  enterprise  wiring  closet,  LAN  core,  and  data  center  solution 

Foundry  Networks’  Fastlron  Layer  2/3  switches  let  you  deploy  a  single  architecture  .  .  _  \ 

y  ,  >  i  b  JetCoreY 

enterprise-wide  that  yields  higher  performance,  better  R.OI,  and  low'er  Total  Cost  ASIC  — 

of  Ownership.  Fastlrons  have  unparalleled  port  density:  up  to  672  10/100  ports,  232  Gigabit  Ethernet 
ports,  or  14  10-Gigabit  Ethernet  ports  in  a  single  modular  system.  Featuring  sFlow,  Fastlron  switches 
provide  wire-speed  network  monitoring.  Plus  the  Fastlrons  offer  superior  QoS  and  multicast  capabil¬ 
ities,  wire-speed  bandwidth  management,  and  IronShield  security.  Learn  more  about  Fastlron  today  at 
1.888.TURBOLAN  (887-2652) or  www.foundrynetworks.com/fi. 
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The 

standards 

story 

The  recently  ratified  IEEE  10G 
Ethernet  standard  brings 
Ethernet  to  the  WAN,  details 
stringent  fiber  requirements, 
shuns  the  use  of  copper  and 
holds  the  line  on  packet  size. 


Because  of  the  stringent 
fiber  requirements  in  the 
802.3ae  standard,  "You 
really  have  to  take  a  look 
at  your  fiber  plant,  to 
determine  whether  it  will 
support  IOC.  says  Brian 
Young,  CIO  at  Hobart  and 
William  Smith  Colleges. 


MARTIN  CZAMANSKE 


BY  JOANNE  CUMMINGS 

Beyond  its  blistering  speed,  what  do  you  actually 
know  about  the  IEEE  802. 3 ae  standard  for  10 
Gigabit  Ethernet?  Ratified  in  June,  8Q2.3ae  retains 
much  of  what  you  know  and  love  about  Ethernet,  but  there 
are  several  areas  where  it  differs  markedly,  even  from 
Gigabit  Ethernet  —  differences  that  you  need  to  be  aware 
of  when  planning  a  10G  Ethernet  rollout. 


One  big  change  in  the  802. 3ae  standard  is 
its  specification  for  a  WAN  physical  layer,  or 
PHY,  in  addition  to  specifications  for  the  tra¬ 
ditional  LAN  PHYs.  “This  is  the  first  time 
an  Ethernet  standard  has  addressed  the 
WAN,”  says  Richard  Brand,  president  of  the 
10  Gigabit  Ethernet  Alliance  (10GEA)  and 
director  of  network  architecture  and  applica¬ 
tions  at  Nortel  Networks. 

The  new  10G  Ethernet  WAN  PHY  sup¬ 
ports  the  same  speed  as  OC-192  SONET 


(9.29G  bit/sec),  enabling  Ethernet  to  rev  up 
and  integrate  with  SONET  in  the  WAN 
while  retaining  traditional  packet  formats. 

Brand  notes  the  change  has  net  manage¬ 
ment  implications.  “Not  only  can  you  do 
SNMP  enterprise  net  management,  but  you 
now  have  the  option  of  doing  carrier-grade 
SONET  net  management  in  the  wide-area.” 

Copper  need  not  apply 

The  10G  Ethernet  standard  also  specifies 


ZEROING  IN 
ON  IEEE  802.3ae 


How  802.3ae  stacks  up  against 
older  802.3  standards. 

What's  the  same: _ 

Preserves  802.3  frame  format. 

Preserves  802.3  frame  size  (maximum 
1518-bytes). 

What’s  different: 

Supports  full-duplex  only  (previous 
802.3  standards  were  half-duplex). 

Supports  fiber  cabling  only  (previous 
802.3  standards  specified  copper 
cabling  as  well). 

Contains  both  LAN  and  WAN  PHYs 
(previous  802.3  standards  specified 
LAN  PHYs  only). _ 

WAN  PHY  data  rate  is  compatible  with 
OC-192  SONET  (the  first  802.3  standard 
designed  to  integrate  with  SONET  in 
the  wide-area). 
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TAKE  YOUR  ETHERNET  NETWORKS  DUTTHE  D  □  D  R  , 
ACROSS  TOWN,  AND  AROUND  THE  WORLD. 


Introducing  the  complete,  end-to-end,  next  generation  MAN  solution. 

You  can  extend  the  high  performance  and  low  cost  of  Ethernet  to  your  Metropolitan  Area  Network 
(MAN).  Foundry  Networks’  Global  Ethernet  MAN  solution  gives  you  high-speed  Internet 
connectivity  through  long-haul  Gigabit  Ethernet  or  Packet  Over  SONET  with  speeds  ranging 
from  OC-3  up  to  QC-48.  And,  beyond  bandwidth,  our  MAN  solution  comes  with  a  rich  set  of  service 
provisioning  and  delivery  capabilities  including  Quality  of  Service  (QoS),  bandwidth  management, 
security,  and  accounting  and  billing.  Combined  with  Foundry’s  proven  high-performance  switch 
architecture,  these  value-added  capabilities  help  you  evolve  your  business  by  turning  bandwidth 
into  revenue.  Visit  us  today  at  www.foundrynetwOrks.com.  Or  call  1.KHK.TUR130LAN. 
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fiber  cabling  only  —  no  copper  allowed  — 
and  it  gets  pretty  picky  about  the  types  of 
fiber  and  the  distances  supported  (see 
graphic,  below). 

“The  standard  is  definitely  pushing  the 
limits  of  some  of  the  older  fibers,”  Brand 
says.  For  example,  in  the  late  ’80s  and  early 
’90s  many  organizations  deployed  FDDI- 
grade  fiber  (850  nanometer,  62.5/125 
micron  multimode).  It  can  support  10G 
Ethernet  but  only  at  distances  of  less  than 
65  meters,  or  about  200  feet.  When  1310 
nm  optics  are  used,  the  distance  increases  to 


about  100  meters,  or  a  little  more  than  300 
feet.  That  may  work  for  linking  up  a  server 
farm,  but  it’s  likely  to  fall  a  bit  short  in  the 
backbone,  Brand  says. 

For  organizations  looking  for  longer  range 
solutions,  the  standard  does  support  newer 
multimode  fiber  (850  or  1310  nm,  50/125 
micron)  and  single-mode  fiber  (1310  and 
1550  nm). 

“That  starts  to  get  you  to  longer  distances,” 
Brand  says.  In  fact,  newer  multimode  fiber 
supports  distances  of  300  meters,  or  about  980 
feet,  while  single-mode  1310  nm  fiber  can 
support  distances  of  up  to  10  km,  or  about  6 
miles.  Single-mode  1550  nm  fiber  extends  the 
farthest,  up  to  40  km,  or  about  25  miles. 

“You  really  have  to  take  a  look  at  your 
fiber  plant,”  says  Brian  Young,  CIO  at 
Hobart  and  William  Smith  Colleges,  a 
liberal  arts  university  in  Geneva,  N.Y.  The 
school  currently  has  a  Gigabit  Ethernet 
backbone  based  on  the  Enterasys  Matrix  E7 
switch,  but  plans  to  upgrade  to  10G 
Ethernet  in  the  near  future.  “We  have  a 
hybrid  fiber  mix  in  place  now,  some  single¬ 
mode  and  some  multimode.  The  backbone 


is  all  single-mode,  though,  so  that  should 
support  lOGig  pretty  easily.” 

For  organizations  that  don’t  have  the  proper 
fiber  in  place,  Young  cautions  against  whole¬ 
sale  fiber  replacement  to  run  10  Gigabit. 
“When  people  say  they’re  replacing  their 
fiber,  I  cringe,”  he  says.  “Instead,  you  should 
just  add  to  your  fiber  plant  and  keep  the  old 
fiber  to  support  other  things,  such  as  your  fire 
alarm  system,  or  for  redundancy  and  failover.” 

To  ensure  the  fiber  is  adequate,  the  stan¬ 
dard  also  specifies  engineered  links,  which 
are  links  that  have  been  tested  to  ensure  the 


attenuation  of  the  signal  is  within  the  limits 
of  the  standard.  “We  had  to  write  that  into 
the  standard  for  the  40-km  option,”  Brand 
says,  noting  that  engineering  links  is  com¬ 
monplace  in  the  WAN  world  but  a  new  idea 
for  802.3.  “The  data  people  learned  a  lot 
from  the  telco  people  on  the  committee, 
especially  in  terms  of  the  optics,”  he  says. 

The  frame  remains  the  same 

WAN  and  fiber  specifications  aside,  the 
802. 3ae  standard  is  still  Ethernet.  It  retains 
Ethernet’s  traditional  frame  format,  as  well 
as  its  minimum  and  maximum  frame  sizes. 
Preserving  the  frame  size  was  a  controversial 
choice,  given  that  many  industry  watchers 
supported  a  move  to  Jumbo  Frames  to 
increase  performance  over  such  a  fast  link. 

At  10G  bit/sec  speeds,  Ethernet’s  small 
frame  size  —  1,518  bytes  —  can  lead  to  per¬ 
formance  issues,  says  Phil  Hippensteel,  an 
analyst  with  the  consultancy  Perfect  Order 
and  assistant  professor  in  the  School  of 
Information  Sciences  and  Technology  at 
Penn  State  University’s  Harrisburg  campus. 

This  is  due  to  the  delay  in  packet  retrans¬ 


mission,  he  says.  Hippensteel  has  conducted 
trials  where  a  frame  was  intentionally 
dropped  during  a  lOOK-byte  file  transfer  on 
a  10M  bit/sec  LAN.  “It  would  be  16  or  17 
segments  later  when  it  would  finally  be 
retransmitted,”  he  says.  “At  10G  bit/sec,  the 
problem  is  magnified.  If  you  have  a  high  bit¬ 
error  rate,  you  want  great  big  chunks  so  you 
don’t  have  to  retransmit  very  much.” 

The  primary  impetus  for  keeping  the  frame 
size  was  to  ensure  backward  compatibility 
with  traditional  Ethernet.  “Jumbo  Frames 
increases  performance  in  some  applications 
when  you  get  to  10  Gigabit  speeds,”  says 
Mike  Bennett,  a  senior  network  engineer  at 
Lawrence  Berkeley  Labs  in  Berkeley,  Calif., 
who  participated  in  the  standards  process. 
“But  if  we  want  Ethernet  to  support  Jumbo 
Frames,  we  really  need  to  go  back  and  do  a 
maintenance  revision  across  the  whole  of 
Ethernet,  standardizing  it  that  way.” 

Although  Jumbo  Frames  is  not  specified  in 
the  standard,  most  vendors  do  support  it  on 
10  Gigabit  equipment,  according  to  Val 
Oliva,  director  of  marketing  management  at 
Foundry  Networks  and  vice  president  of  the 
technical  committee  for  the  10GEA. 

“In  data  centers,  it’s  hugely  beneficial,”  he 
says.  For  most  applications,  however,  he  says 
Jumbo  Frames  isn’t  necessary.  “If  you  look  at 
the  traffic  patterns,  Telnet  uses  small  packets 
and  e-mail  is  very  small.  It’s  not  an  issue  for 
most  users,  so  it  didn’t  go  into  the  standard. 
But  for  those  who  need  it,  the  vendors  sup¬ 
port  it.” 

Because  it  is  true  Ethernet,  however,  the 
8Q2.3ae  standard  easily  supports  traditional 
Ethernet  applications,  including  those  based 
on  existing  Ethernet  standards  —  such  as 
802. IQ  for  virtual  LANs,  802. Ip  for  traffic 
prioritization  and  802. 3ad  for  link  aggregation 
—  making  it  an  easy  fit  for  most  enterprises. 

“The  management  tools  stay  the  same,  you 
just  have  a  larger  throughput,”  Young  says. 
“That’s  a  definite  plus.” 

Overall,  the  802. 3ae  standard  is  Ethernet, 
just  revved  up  to  support  a  wider  range  of 
applications,  Brand  says.  “It’s  Ethernet  and  it 
interacts  with  SONET,”  he  says.  “What 
more  could  you  ask  for?” 

Cummings  is  a  freelance  writer  in  North 
Andover,  Mass.  She  can  be  reached  at  jocum - 
mings@attbi.com. 


WATCH  THE  FIBER 

10  Gigabit  Ethernet  distance  support  varies  by  fiber  type. 

Fiber  type  Existing  MMF^  NewMMF^  SMF 

850nm  Serial  65  meters 

300  meters 

NA 

1310nm  WWDM/Serial  100  meters 

300  meters 

10  km 

1550nm  Serial  NA 

NA 

40  km  (DWDM  ready) 

MMF  -  Multimode  fiber 

SMF  -  Single-mode  fiber 

WWDM  -  Wide  Wave  Division  Multiplexing 
DWDM  -  Dense  Wave  Division  Multiplexing 

1  Also  known  as  FDDI-grade  fiber,  meets  TIA/EAI 568- 
A  cabling  standard  (62.5/125  micron) 

2  Also  known  as  10G  Ethernet  multimode  fiber,  meets 
TIA-492AAAC  cabling  standard  (50/125  micron) 
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DYNAMICS? 


Scaling  up  to  178,000,000  packets  per  second  of 
throughput  and  480  Gigabits  per  second  of  total  switching 
capacity,  the  Biglron  family  of  Layer  3  switches  leaves  competitors 
floundering  in  its  wash.  This  isn’t  just  a  revolution  in  speed. 

It’s  an  evolution  in  modular  design.  With  scalability  of  up  to  120  Gigabit 
Ethernet  ports,  Biglron  offers  the  highest  Gigabit  density  per  rack  in  the 
industry.  And  Biglron  supports  multi-protocol  routing  including  IP,  IPX, 

Appletalk,  OSI’F,  BGP4  and  multicast  protocol  standards.  Best  of 
all,  the  Biglron  family  protects  your  investment— -all  Biglron  modules  are 
interchangeable  among  the  Biglron  4000, 8000  and  1 50<  >0.  So  if  you  care  about  network 
performance,  call  Foundry  Networks  at  1 .888.TURBOLAN  (887-2652),  email 
m tofu  iou ndrynet.com  or  go  to  www.foundrynetworks.com/nc.  We’ll  get  you  up  to  speed 


The  Power  of  Performance 


TOG  Ethernet  requires  dealing 
with  fiber-optic  technology  on  a 
much  deeper  level  than  Gigabit 
Ethernet  does,  according  to 
Kevin  Walsh,  who  helped  imple¬ 
ment  10G  Ethernet  at  the  San 
Diego  Supercomputing  Center. 


CAROL  PEERCE 
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Learning  from 
the  pioneers 

Early  adopters  offer  the  keys  to  a 
successful  10G  Ethernet  rollout. 

BY  ELISABETH  HORWITT 

Anyone  who  thinks  that  10G  Ethernet  technol¬ 
ogy  is  simply  Gigabit  Ethernet  times  10  should 
talk  to  Kevin  Walsh,  senior  network  engineer 
at  the  San  Diego  Supercomputing  Center  (SDSC). 
“10G  Ethernet  is  not  plug  and  play  the  way  Gigabit 
Ethernet  is,”  warns  Walsh,  who  recently  implemented 
10G  Ethernet  within  his  organization.  “You  need  to  be 
a  little  more  experienced  in  optical  parameters,  or  you 
risk  damaging  very  expensive  equipment.” 


Enterprise  users  implementing  10G 
Ethernet  face  many  of  the  same  challenges 
as  did  the  early  implementers  of  Gigabit 
Ethernet, ATM  or  any  emerging  broadband 
network  technology.  They  must  stay  on 
top  of  the  latest  features  and  develop¬ 
ments,  make  the  business  case  to  upper 
management,  and  use  extra  care  in  choos¬ 
ing  a  vendor. 

But  10G  Ethernet  offers  new  challenges 
as  well.  Implementers  often  face  a  com¬ 
plex  task  in  configuring  multiple  levels  of 
aggregation.They  need  to  make  intelligent 
choices  between  multimode  and  single¬ 
mode  fiber,  and  between  LAN  and  WAN 
physical  layers  (PHY).  And  as  Walsh  points 
out,  they  need  to  deal  with  fiber-optic 
technology  on  a  much  deeper  level  than 


Gigabit  Ethernet  entails.  They  need  to 
know  when  and  how  to  take  power  read¬ 
ings  and  apply  attenuation,  for  example. 

We  corralled  a  handful  of  10G  pioneers 
and  experts  to  discuss  the  challenges  and 
provide  tips  for  a  successful  installation. 

Know  your  network,  know  your  vendor 

Detailed  documentation  is  crucial  for  any 
broadband  implementation,  but  especially 
for  10G  Ethernet.  For  starters,  do  a  survey  of 
your  existing  installation,  saysTrevia  Martin, 
a  vice  president  of  operations  at  network 
systems  integrator  Force  3. “You  might  run 
into  protocols  you  didn’t  know  you  had, 
like  Appletalk,"  which  she  says  may  not 
work  optimally  over  10G  Ethernet.  “The 
more  you  know  up  front,  the  more  you  can 


plan  during  the  design  and  engineering 
phase,  and  the  smoother  the  installation.” 

You  should  also  make  sure  that  your 
switches  and  routers  have  the  appropriate 
software  and  hardware  to  support  10G 
Ethernet,  notes  Richard  Nelson,  director  of 
computing  at  University  of  Southern 
California-Information  Sciences  Institute 
(USC-ISI).And  don’t  trust  product  litera¬ 
ture:  talk  to  the  vendor  directly.  ISI  had  to 
do  some  firmware  updates, “but  we  asked 
in  advance,  and  got  them  done  before  the 
[10G  Ethernets  board  arrived.” 

When  it  came  to  choosing  a  particular 
brand  of  10G  Ethernet  switch,  capacity 
and  performance  were  the  top  criteria  for 
Walsh  at  SDSC. The  organization  will  be 
one  of  the  core  nodes  ofTeragrid,  an  ongo- 
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ing  National  Science  Foundation-spon¬ 
sored  project  to  build  a  private  cross-coun¬ 
try  high-speed  backbone  that  will  enable 
scientific  and  research  organizations  to 
share  specialized  computers. 

At  the  time  Walsh’s  group  checked  the 
specifications  for  10G  Ethernet 
router/switches,  ForcelO’s  E1200  support¬ 
ed  the  most  10G  and  Gigabit  Ethernet 
interfaces  —  an  important  issue  given 
SDSC  will  be  using  the  switch  to  aggregate 
Gigabit  Ethernet  traffic  originating  from 
more  than  500  nodes  in  its  data  center. 

Another  key  vendor  selection  criterion  is 
support  for  the  IEEE  10G  Ethernet  stan¬ 
dard,  802.3ae.“If  you’re  linking  up  with  dif¬ 
ferent  parts  of  the  university,  with  different 
organizations  in  the  same  large  company, 
or  with  a  partner,  you  need  to  be  able  to 
interoperate  with  different  vendors’ 
boxes,”  Nelson  notes.  USC-ISI  is  using  stan- 
dards-compliant  Foundry  Biglron  switches 
to  link  to  the  main  USC  campus  and  to 
connect  to  high-speed  research  networks 
likeTeragrid  and  Internet2. 

10G  Ethernet  technology  is  still  matur¬ 
ing,  so  would-be  implementers  should  stay 
abreast  of  the  latest  technology  and  stan¬ 
dards.  One  important  recent  development: 
Jumbo  Frames,  which  supports  more  than 
six  times  the  maximum  amount  of  data 
allowed  by  a  standard  Ethernet  frame. 
“Jumbo  Frames  are  especially  useful  when 
you're  doing  bulk  file  transfers  over  long 
distances,”Walsh  says.  Larger  frames  trans¬ 
late  into  less  packet  overhead,  fewer  inter¬ 
rupts  and  a  smaller  CPU  load. 

Implementers  also  recommend  checking 
up  on  PHY  support  before  choosing  a  10G 
Ethernet  switch.  PHY  interfaces  determine 
what  type  of  fiber  and  network  devices  a 
given  10G  Ethernet  device  can  support. 
That,  in  turn,  affects  costs,  and  the  total  dis¬ 
tance  data  can  travel. 

For  example,  both  LAN  PHY  and  WAN 
PHY  support  single-mode  fiber,  which  can 
carry  data  over  greater  distances  than  multi- 
mode  fiber  (see  story,  page  6). 

Short  Reach  PHY,  which  runs  on  multi- 
mode  fiber  over  distances  of  up  to  300 
meters,  is  a  good,  inexpensive  choice  for  a 
data  center,  particularly  if  a  company  has 
already  installed  multimode  fiber  to  sup¬ 
port  a  Gigabit  Ethernet  IAN,  Walsh  says. 
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Preparing 

•  Bone  up  on  fiber-optic  technologies,  such  as  PHYs  and  fiber  modes. 

•  Learn  fiber  installation  and  maintenance  basics:  for  example,  how  to  set  optical 
parameters,  take  power  readings  and  apply  attenuation. 

•  Do  a  detailed  survey  of  your  legacy  network:  equipment,  applications  and  network 
protocols,  as  well  as  your  current  and  projected  bandwidth  needs. 

Choosing 

Nail  down  prospective  suppliers  on: 

•  Technical  support:  level  of  expertise  and  response  time. 

•  Compliance  with  10G  Ethernet  standards,  in  particular  802.3ae. 

•  Support  of  new  features  such  as  Jumbo  Frames. 

•  Range  of  PHYs  supported. 

•  Performance  and  capacity. 

Implementing 

•  Test  fiber  quality  and  cleanliness  of  connectors. _ 

•  Ensure  hardware  and  firmware  versions  of  existing  equipment  will  support  10G 
Ethernet. 

•  Allow  extra  time  to  get  fiber  brought  into  your  buildings. 

•  Address  QoS  issues  including,  response-time  sensitive  applications  and  slower 
network  segments. 


Avoiding  the  gotchas 

Testing  before  going  online  is  particularly 
key  for  a  10G  Ethernet  installation.  “It’s 
important  to  check  fiber  quality  and  clean¬ 
liness  of  connectors,  because  sensitivity  to 
dirt  is  higher  with  higher  data  rates,”Walsh 
says.  Invest  in  an  inexpensive  fiber-optic 
cleaning  kit, “and  make  sure,  when  you 
test,  that  you  take  power  readings  and 
apply  attenuation  as  necessary.” 

Even  with  10G  bit/sec  of  bandwidth  to 
play  with,  implementers  warn  that  quality 
of  service  (QoS)  can  still  be  an  issue.That’s 
particularly  true  for  metropolitan-area  net¬ 
work  (MAN)  and  WAN  connections,  and  for 
time-sensitive  and  real-time  applications, 
such  as  streaming  video  and  voice  over  IF 

“You  often  have  the  case  where  it’s  not 
all  10G  bit/sec  throughout  the  network, 
particularly  if  you’re  extending  over  a 
MAN  or  WAN,"  says  Will  Williams,  Force  3’s 
technical  lead  during  the  installation  of  a 
Foundry  10G  Ethernet  backbone  at  Walter 
Reed  Army  Medical  Center. 

And  watch  those  last  100  feet  that  termi¬ 
nate  a  10G  Ethernet  network  in  a  building, 
USC-ISI’s  Nelson  warns.  “A  lot  of  utilities 


have  fiber  available,  but  they  bring  the 
fiber  only  to  within  a  block  of  your  site,” 
he  says,  forcing  you  to  negotiate  with  the 
landlord  to  get  the  fiber  into  the  building. 
He  strongly  advises  implementers  to  start 
talking  early  to  whomever  owns  or  man¬ 
ages  the  building,  and  find  out  what  per¬ 
mits  are  necessary.  “For  us,  the  whole 
process  took  months.” 

Horwitt  is  a  freelance  writer  in  Waban, 
Mass.  She  can  be  reached  at 
ehorwitt@world.std.com. 
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Think  Foundry  Networks.  Foundry’s  powerful  LAN  Switching,  Web  Switching,  and  Wide 
Area  Routing  solutions  are  propelling  next  generation  networks  at  Global  1000  com¬ 
panies,  as  well  as  at  leading  MANs  and  ISPs.  Find  out  for  yourself  how  Foundry  can 
make  your  network  blast  off!  Contact  us  at  www.foundrynetworks.com. 
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■  TCP/IP,  LAN/WAN  SWITCHES 

■  ROUTERS  ■  HUBS 

■  ACCESS  DEVICES  ■  CLIENTS 

■  SERVERS  ■  OPERATING  SYSTEMS 

■  VPNS  ■  NETWORKED  STORAGE 


Nortel  revitalizes  enterprise  strategy 


I  BY  PHIL  HOCHMUTH 

While  many  have  viewed  Nortel’s  busi- 
less  networks  group  as  being  largely  dor- 
nant  during  the  past  few  quarters,  a 
ecent  reorganization  and  a  new  IP  pred¬ 
ict  push  might  indicate  signs  of  renewed 
■nterprise  life. 

Nortel  recently  introduced  a  new  line- 
lp  of  IP  voice  hardware  and  software 
hat,  observers  say,  puts  it  back  on  the 
ame  playing  field  with  convergence 
rempetitors  Cisco,  Avaya,  Siemens  and 
Ucatel.New  BayStack  switching  products 
rom  the  company’s  long-quiet  data  net- 
vork  division  also  have  encouraged 
ome  Nortel  followers.  But  lots  of  uncer- 
ainty  remains. 

Financially,  Nortel  is  not  out  of  the  woods 
'et.  While  the  company  trimmed  its  losses 
)y  almost  50%  in  the  third  quarter  (ended 
>ept.  2)  from  the  same  quarter  a  year  ago,  it 
was  still  $1.8  billion  in  the  red.  Meanwhile, 
he  company’s  stock  still  hovered  around 
he  $1  mark  as  of  last  week. 

A  year  ago,  Nortel  reorganized  into 
hree  divisions:  long-haul  optical,  wire- 
ess  and  metropolitan-area  networks.  It 
ater  added  the  term  “enterprise”  to  its 
metropolitan  division  to  assuage  enter- 
Drise  customers  worried  about  a  lack  of 
:ocus  on  their  needs. 

Last  month,  Nortel  shook  up  its  organi¬ 
sation  for  the  second  time  in  12  months, 


■  Dell  and  storage  vendor  EMC  will 
celebrate  the  one-year  anniversary  of 
their  alliance  with  the  launch  of  a  low- 
end  storage  system.  The  companies 
last  week  unveiled  the  Clariion  CX 
200,  a  new  entry-level  storage  prod¬ 
uct  that  they  developed  together.  The 
5  CX  200  is  the  third  in  a  line  of  Clariion 
|  CX  Fibre  Channel  arrays  for  midsize 
[  companies  and  branch  offices.  EMC 
earlier  this  month  introduced  the 
Clariion  CX  400,  following  the  August 
launch  of  the  CX  600.  The  CX  200  will 
be  available  worldwide  in  December. 
Pricing  information  and  technical 
details  were  not  immediately  available. 
www.dell.com; www.emc.com 


creating  four  divisions  —  wireline,  wire¬ 
less,  enterprise  and  optical.  Now  Nortel 
has  broken  enterprise  out  as  its  own 
stand-alone  division,  along  with  its  new 
wireline,  optical  and  wireless  network 
groups. 

Nortel’s  flip-flopping  between  enterprise 
and  carrier  plans,  coupled  with  poor  over¬ 
all  financial  results,  has  spooked  a  lot  of 
CIOs,  some  observers  say 

“They’re  going  through  some  financial 
difficulties,  and  they  have  publicly  said 
they  are  an  optical  company,  which  leaves 
enterprise  customers  wondering,”  says 
Sam  Wilson,  a  network  industry  analyst 
and  vice  president  with  Merrill  Lynch. 
“There  are  a  lot  of  questions  in  CIOs’ 
minds  as  to  whether  Nortel  is  committed 
to  the  enterprise  space  or  not.  That’s  one 
perception  issue  Nortel  needs  to  address.” 


While  Nortel  and  most  other  data  net¬ 
work  vendors  play  second  fiddle  to  Cisco 
in  corporate  networks,  Nortel  also  has 
lagged  in  the  converged  PBX  arena,  a  mar¬ 
ket  the  company  should  be  winning  with 
its  background  in  telephony  analysts  say 

“To  a  lot  of  large  enterprises,  Cisco  is  like 
a  warm  blankie  —  they’ve  got  $200  billion 
in  cash,  and  they’re  totally  committed  to 
the  [enterprise]  customer, ’’Wilson  adds. 

As  far  as  being  a  product-for-product 
alternative  to  Cisco  in  both  the  IP  tele¬ 
phony  and  enterprise  infrastructure  mar¬ 
kets,  Nortel  is  still  the  only  game  in  town, 
according  to  Mark  Fabbi.a  vice  president 
at  Gartner. 

“The  main  battle  for  enterprise  network¬ 
ing  is  being  waged  between  Cisco  and 
Nortel,”  Fabbi  said  last  month  in  a  session 
at  the  Gartner  Group  Symposium  ITXpo. 


He  noted  that  Nortel  is  one  of  the  few 
companies  that  can  match  Cisco  in  terms 
of  offering  comparable  products  in  the 
major  enterprise  network  categories  such 
as  Gigabit  Ethernet,  wireless,  WAN/ 
VPN  routing,  Layer  4  to  7  switching  and 
IP  telephony 

“The  rumors  of  Nortel’s  abandoning  the 
enterprise  market  are  largely  the  propa¬ 
ganda  of  other  vendors,”  Fabbi  added. 
“And,  in  fact,  we  are  seeing  a  renewed 
commitment  from  Nortel  to  this  market.” 

One  user  who  agrees  with  this  assess¬ 
ment  is  Randy  Anderson,  director  of  net¬ 
working  engineering  and  technology  at 
George  Mason  University  in  Fairfax, Va. 

“We  have  lots  of  their  stuff,  and  they’ve 
been  a  really  good  partner  for  us  up  to 
this  point,”  he  says. The  network  at  Mason 
See  Nortel,  page  16 


Check  Point's 
CEO  tackles 
security  issues 


Check  Point  Software  needs  this 
quarter  to  be  its  biggest  in  years 
for  revenue  if  it  hopes  to  match  last  year's  revenue 
figure  of  $528  million.  The  company  also  is  in  the 
midst  of  a  slide  in  its  stock  prices  from  a  high  of 
about  $50  per  share  to  a  low  of  $10.37.  This,  despite 
claims  by  potential  customers  of  the  firewall/VPN 
vendor  that  security  has  higher  priority  now  more 
than  ever.  The  company  also  reported  results  of  a 
test  it  commissioned  that  found  that  its  gear  —  sur¬ 
prise  —  outperformed  similarly  priced  gear  from 
competitors  Cisco  and  NetScreen  Technologies. 
Check  Point  Chairman  and  CEO  Gil  Schwed  re¬ 
cently  discussed  these  developments  and  others 
with  Network  World  Senior  Editor  Tim  Greene. 

Our  readers  say  that  even  though  their  budgets  are  cut,  security  is 
a  heightened  priority.  What  does  that  do  to  your  revenue? 

Many  people  renew  licenses,  and  that  is  a  very  good 


source  of  revenue.  Many  people  extend  existing  infra¬ 
structure  and  buy  a  little  bit  more.  That’s  another  part.  We 
do  see  a  number  of  large  projects.  Actually,  the  surprising 
part  is  we  see  today  more  large  projects  than  we  saw 
before.  The  negative  news  is  that  people  are  very  very 
cautious  on  spending.  In  the  past,  these  large  projects 
were  closing  in  three  to  six  months.Today  it  can  be  six  to 
18  months  to  close  because  they  are  very,  very  cautious 
about  their  spending. 

Are  these  large  projects  by  virtue  of  shifts  from  another  vendor 
or  technology,  or  are  these  new  companies? 

It’s  existing  companies,  a  company  that  has  100  firewalls 
built  over  five  years  by  10  different  departments,  and  they 
now  want  to  buy  infrastructure  to  manage  it  consistently 
to  really  streamline  the  security  policy.  Most  of  it  is  reorga¬ 
nizing  and  buying  management  infrastructure. The  other 
projects  are  replacement  of  frame  relay  links  about  usage 
of  broadband  to  [access]  the  Internet  instead  of  legacy 
networks.There  we  see  projects  that  range  from  connect¬ 
ing  five  sites  to  connecting  18,000  offices  in  an  extranet. 

What  are  your  thoughts  on  Check  Point  and  appliances?  Will 
there  be  Check  Point-manufactured  appliances? 

I  think  that  we  dominate  the  appliance  arena  with  part¬ 
nerships.  Nokia  is  by  far  our  most  successful  partner  —  our 
premiere  partner.  Appliances  gained  reputation  over  the 
past  few  years  of  devices  that  are  easy  to  maintain  and 
which  provide  high  performance.  Appliances  moved  from 
being  10%  of  the  market  to  around  50%  of  the  market. 
Appliances  are  pieces  of  hardware  running  software.  An 
open  server  running  software  is  also  doing  the  same  kind 
of  job  and  in  most  cases  they  use  similar  architectures. 

See  Check  Point,  page  16 
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“We  have  met  the  enemy,  and  he  is  us.” 

—  Walt  Kelly, 
www.igopogo.com/we_have_met.htm 

Given  that  almost  all  technology  compa¬ 
nies  are  reporting  less-than-expected  rev¬ 
enue  and  earnings,  Microsoft  stands  out 
with  its  report  for  the  quarter  ended  Sept. 
30.  Stands  out  like  a  sore  thumb. 

The  company  reported  record-high  rev¬ 
enue.  Now  a  lot  of  Microsoft’s  revenue 
comes  from  licensing  of  operating  systems 
and  applications  to  computer  manufactur¬ 


Microsoft  pricing:  You  were  warned 


ers  (aka  OEMs)  to  bundle  with  their  prod¬ 
ucts.  But  all  the  major  PC  makers  have 
reported  lackluster  sales  during  the  past 
year  or  so.  In  that  case,  where  did  Microsoft 
make  its  money? 

According  to  many  business  periodicals, 
revenue  was  boosted  by  the  new,  subscrip¬ 
tion-style  licensing  Microsoft  adopted  — 
and  then  forced  on  users  with  the  threat  of 
even  higher  prices  should  they  not  go 
along  with  the  so-called  Software  Assur¬ 
ance  program.  Even  CEO  Steve  Ballmer 
credited  the  revenue  rise  to  the  software- 
subscription  ploy. 

We  pundits  tried  to  tell  you  that  signing  up 
for  Software  Assurance  was  not  going  to  be 
helpful  to  you;  that  the  only  way  to  save 
money  was  to  refuse  this  gambit  and  make 
Microsoft  rethink  its  position.  But  evidently 
when  it  came  to  the  showdown,  a  lot  of  you 
blinked  —  then  signed  on  the  dotted  line  to 


set  up  your  Microsoft  subscription  service. 

Now  not  only  are  users  and  administra¬ 
tors  locked  in  to  the  subscription  price,  but 
also  it  becomes  hard  to  switch  applications 
and  operating  systems.  Not  only  is  the  busi¬ 
ness  community  giving  Microsoft  record 
revenue  at  a  time  when  other  high-tech 
companies  are  drowning  in  red  ink,  but  it 
also  is  assuring  Microsoft  a  de  facto 
monopoly  on  the  desktop  for  the  foresee¬ 
able  future. 

We  thought  it  was  the  politicians  who 
were  ignoring  the  voice  of  the  people 
when  the  U.S.  Department  of  Justice 
offered  a  watered-down  settlement  of  its 
antitrust  case  against  Microsoft.  We  were 
wrong.  The  people  appear  to  want  the 
monopoly 

Kearns,  a  former  network  administrator,  is 
a  freelance  writer  and  consultant  in  Silicon 


Valley.  He  can  be  reached  at  wired@ 
vquill.com 


Tip  of  the  Week 


Adam  Gaffin's  Compend¬ 
ium  column,  online  at 
Network  World  Fusion  (http: 
//napps.nwf  usion.com/com- 
pendium),  lately  has  fea¬ 
tured  all  sorts  of  alterna¬ 
tives  to  Microsoft  Outlook  — 
some  good,  some  vapor¬ 
ware  and  some  bizarre.  But 
you  should  check  —  you 
never  know  when  a  gem  will 
come  to  light! 


Nortel 

continued  from  page  15 

has  about  10,000  nodes  and  uses  Nortel 
Passport  8600  routing  switches  on  its 
Gigabit  Ethernet  core,  BayStack  switches 
in  its  closets  and  some  IP  telephony  and 
voice-over-lP  (VoIP)  gear. 

The  introduction  of  new  BayStack 
switches,  with  features  such  as  copper 
Gigabit  and  inline  power  during  the  past 
six  months  have  been  encouraging, 
Anderson  says. 

Nortel's  market  challenges 

Observers  say  Nortel  must  execute 
in  several  areas  to  take  enterprise 
market  share  away  from  competitors: 

•  Win  back  customer  confidence 

After  focusing  so  much  on  its  carrier 
business  for  the  past  several  years, 
Nortel  must  reassure  enterprise 
customers  that  it  won't  leave  them 
high  and  dry. 

•  Capitalize  on  installed  base 

While  Nortel's  market  share  in  LAN 
switching  and  IP  telephony  is  small, 
it  is  the  leading  PBX  voice  vendor. 
The  company  must  be  able  to  turn 
itsTDM  voice  customers  into  IP 
users. 

«  Innovate  in  IP  telephony 

Instead  of  coming  to  market  late 
with  support  for  basic  IP  telephony 
features,  Nortel  must  become  a 
leader  in  pushing  them  to  market. 


“We  were  more  hesitant  about  [Nortel’s] 
future,”  a  year  ago,  Anderson  says.“We  did¬ 
n't  hear  much  about  their  future  in  the 
enterprise  business  for  a  long  time.  We 
heard  a  lot  about  their  optical  plays  and 
telephony  stuff,  but  very  little  about 
routers  and  switches.  .  .  .  This  year,  they 
seem  to  have  a  much  more  focused  com¬ 
mitment  on  the  enterprise  side.” 

Still  ,  the  behav  ior  of  Anderson’s  top  ven¬ 


dor  has  caused  him  to  plan  for  a  possible 
future  without  Nortel  or  one  that  is  less 
reliant  on  the  company 

“We’re  starting  to  hedge  our  bets  a  bit,” 
he  says.  “We’ve  looked  at  some  alterna¬ 
tives  to  make  sure  we  know  what’s  avail¬ 
able  if  a  time  comes  when  we  have  to 
make  some  drastic  changes  in  our 
infrastructure.” 

But  there  is  little  doubt  Nortel  has  some 
catching  up  to  do  in  the  enterprise  mar¬ 
ket.  Nortel  was  the  fourth-highest-selling 
LAN  switch  maker  last  year,  according  to 
IDC,  behind  Cisco,  3Com  and  Hewlett- 
Packard.  Nortel  came  in  fifth  in  IP  PBX 
sales  in  2001,  with  only  5.4%  of  the  $881 
million  market.  The  firm  leads  in  some 
categories,  such  as  Secure  Sockets  Layer 
accelerators,  garnering  30%  of  the  $21 
million  market  so  far  this  year,  according 
to  Infonetics  Research. 

Nortel’s  $617  million  in  enterprise  sales 
last  quarter  accounted  for  26%  of  the 
firm’s  overall  $2.3  billion  in  revenue.  And 
while  its  enterprise  business  was  down 
4%  last  quarter,  this  was  an  improvement 
over  the  past  five  quarters,  where  the  busi¬ 
ness  unit’s  revenues  declined  by  an  aver¬ 
age  of  1 1%  per  quarter. 

“There’s  been  a  lot  of  [fear,  uncertainty 
and  doubt]  from  competitors  that  we 
don’t  have  an  IP  story/’  says  Oscar  Rod¬ 
riguez,  Nortel’s  newly  installed  president 
of  Enterprise  Networks  business.  “But  if 
you  look  back  since  the  spring,  you’ll  see 
we’ve  delivered  big  chunks  of  our  IP  tele¬ 
phony  portfolio  this  year.” 

He  cites  the  announcements  of  new 
products  such  as  stackable  switches, 
enhanced  SSL  and  firewall  load-balanc¬ 
ing,  remote-office  VoIF?  WAN  and  VPN  con¬ 
nectivity,  and  the  imminent  release  of  the 
company’s  Session  Initiation  Protocol- 
based  VoIP/messaging  server. 

To  users  such  as  George  Mason’s 
Anderson,  that  is  the  track  it  should 
be  on. 

“They're  doing  some  of  the  right  things,” 
Anderson  says  of  Nortel.  “Maybe  they  are 
here  to  play.”B 


Q  A 

Check  Point 

continued  from  page  15 

I  was  actually  thinking  of  appliances  built 
by  Check  Point  rather  than  obtained  via 
partners. 

I  think  what  we’ve  been  doing  in  a 
better  way  is  work  with  partners.  We 
created  better  appliances  basically 
because  the  appliance  partners  we 
have  are  doing  a  very  good  job  in  an 
open  market.  Sometimes  it’s  easy  for  us 
to  say  ‘We  have  everything,  just  get  it 
from  us,’  but  in  the  end  it’s  not  the  right 
thing  for  the  customer.  I  see  situations 
today  where  one  appliance  vendor  will 
have  a  $3,000  solution  and  another  will 
have  an  $800  solution.  It’s  not  clear 
what’s  the  right  choice  for  the  cus¬ 
tomer.  The  $800  one  may  not  give  the 
customer  everything  they  need,  and 
the  $3,000  may  be  too  expensive  or  too 
complicated.The  fact  that  we  have 
internal  competition  drives  us  forward 
in  a  very  big  way 

These  open  server  platform  vendors  seem 
to  introduce  different  security  applications 
to  them.  What  is  your  road  map  for  adding 
different  types  of  security  to  your  current 
software? 

We  work  with  partners,  so  we  don’t 
necessarily  plan  to  offer  it  on  our 
own.You  can  take  an  Intel-based  plat¬ 
form  or  a  Sun-based  platform  and  run 
on  it  multiple  pieces  of  software  that 
integrate  very  nicely. Some  customers 
say  religiously  they  want  different  in¬ 
trusion  detection  running  on  a  differ¬ 
ent  device  than  the  firewall,  and  some 
customers  would  say  the  other  way 
around.  We  see  all  kinds  of  combina¬ 
tions  running  around. 


i 


So  you're  pretty  much  going  to  stick  with 


the  partners  and  not  go  with  adding  more 
to  your  own  line? 

Well,  we  add  more  to  our  own  line 
all  the  time,  but  we  try  to  make  this 
more  in  terms  of  breaking  new 
ground  rather  than  competing  with 
existing  vendors.  Not  that  we  necessar¬ 
ily  won’t  compete  with  any  existing 
products  or  category  in  the  market¬ 
place,  but  I  think  there  is  plenty  for  us 
to  do  without  trying  to  imitate  or  com¬ 
pete  with  other  people. 

What  new  ground  are  you  talking  about9 

One  example  is  something  we  did 
with  SmartDefense,  which  is  redefin¬ 
ing  what  the  firewall  does  for  you 
and  making  the  firewall  a  much 
smarter  platform.  Another  is  scaling 
the  ability  to  manage  various  sys¬ 
tems.  For  example,  we’ve  developed 
in  one  of  the  most  advanced  parts  of 
the  products  that  we  have  is  the  abili¬ 
ty  to  collect  and  manage  very  large 
amounts  of  log  information. This 
capability  is  not  only  important  in 
our  product,  but  the  fact  that  we  can 
use  that  to  collect  data  from  other 
systems  is  [also]  new  ground  be 
cause  it  talks  about  technologies  for 
event  correlation.You’ll  be  able  to  see 
for  a  certain  user  this  is  where  they 
crossed  the  firewall,  this  is  where  they 
accessed  the  Web  site,  this  is  how 
they  accessed  the  application.You 
can  consolidate  all  that  information 
and  not  just  see  it  as  five  different 
entries  that  are  logged  and  separated 
in  five  different  systems. 

Do  any  of  these  possible  new  areas  involve 
Check  Point  having  to  make  acquisitions? 

The  chances  of  us  making  a  major 
acquisition  are  not  very  high,  but  if  we 
find  the  right  technologies  or  the  right 
companies  in  those  areas,  we  won’t 
hesitate.  ■ 


WHEN  YOU  CAN 


©server 


The  new  IBM  (©server  BladeCenter.™  Now  you  can  remotely  deploy  new  servers  in 
minutes  rather  than  hours  or  days.1  Inside  the  new  BladeCenter,  individual  blade  servers 
can  be  hot-swapped  in  and  out  of  a  single  chassis?  And  because  BladeCenter 
uses  Intel®  Xeon™  processor-based  blades,  you  get  flexibility  without  sacrificing  the 
performance  you  need  for  your  data  center.  The  result  is  an  incredibly  dynamic  systems 
environment,  one  that  lets  you  easily  manage  and  integrate  your  storage,  network  and 
applications.  You  can  scale  out  to  add  capacity,  reconfigure  on  the  fly  and  create  an 
infrastructure  with  no  single  point  of  failure.  To  get  an  interactive  demo  on  BladeCenter,  or 
for  special  financing  information,  visit  ibm.com/eserver/bladecenter  or  call  1 800  426-7777 
and  mention  priority  code  102AX004.  (g>A*fcss  it  Fytb«0r.~ 
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:i!  va» /  depending  upon  configuration  and  other  factors  'Blade  servers  for  BladeCenter  are  sold  separately  IBM.  the  e-business  logo.  eServer  BladeCenter  and  e-busmesS  is  tfiegQ/nfs.  Ptgy  10  win  are  trademarks  orregis 
ss  Mac  •  ines  Corporation  in  the  United  States  and/or  Other  countries  Intel,  the  Intel  Inside  logo  and  Xeon  are  trademarks  or  registered  trademarks  of  Intel  Corpora!  bsidiaries  in  the  United  States  and 

i  ervice  names  may  be  trademarks  or  service  marks  of  Others.  ©2002  IBM  Corporation.  All  rights  reserved  . 
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Storage  advances  to  boost  throughput 


■  BY  DENI  CONNOR 

New  storage  connectivity  technology  is  on  the  hori¬ 
zon  that  promises  faster  performance,  greater  scala¬ 
bility  and  more  flexibility  for  companies  of  all  sizes. 
The  two  technologies  expected  to  take  center  stage 
early  next  year  are  Serial  Advanced  Technology 
Attachment  (SATA)  and  Serial  Attached  SCSI  (SAS).SATA 
and  SAS  are  point-to-point  connections  for  attaching 
servers  to  internal  or  closely  located  storage. The  SATA 
and  SAS  connections  consist  of  a  controller,  which  fits  in 
a  PCI,  PCI-X  or  PCI  Express  slot  in  the  PC  or  server  and 
attaches  to  ATA  or  SCSI  drives. 

Fujitsu,  Seagate  and  Maxtor  are  expected  to  introduce 
SATA  drives  this  year;  IBM,  Dell  and  Hewlett-Packard  will 
introduce  PCs  and  servers  that  integrate  the  SATA  specifi¬ 
cation  early  next  year.  SAS  products  will 
start  to  appear  in  2004,  vendors  say 
Analysts  say  they  expect  SATA  and  SAS 
controllers  and  drives  to  replace  the  cur¬ 
rent  parallel  ATA  and  parallel  SCSI  used 
now  in  servers  and  workstations.They  say 
SATA  will  be  used  in  entry-level  to 
midrange  servers  where  cost  is  an  issue; 
whereas  SAS  will  be  implemented  in  high- 
end  and  midrange  servers  running  busi¬ 
ness-critical  data  center  applications. 

Gartner  expects  the  number  of  ATA/SATA 
drives  to  exceed  9.2  million  in  2006  from 
2.4  million  drives  this  year.  1DC  estimates 
that  SATA  drives  will  represent  nearly  100% 
of  all  ATAs  shipped  in  2005. 


Sated  with  SATA 

The  SATA  connection  is  designed  for  reli¬ 
able  operation  in  servers  that  are  hosting 
static  Web  pages  or  running  file/print  appli¬ 
cations  and  to  replace  parallel  ATA  imple¬ 
mentations.  Parallel  ATA,  analysts  say  has  reached  the  end 
of  its  capabilities. 

The  technology  was  introduced  in  the  1980s  and  is  the 
standard  storage  interface  for  PCs  and  servers.  It  is  a  rela¬ 
tively  simple  interface  that  performs  as  fast  as  66M 
byte/sec.  But  as  dominant  as  parallel  ATA  is  it  suffers  from 
three  limitations  that  become  more  important  as  servers 
become  faster  and  more  robust. 

Parallel  ATA  uses  5-volt  signaling,  which  limits  its  use  as 
companies  try  to  reduce  chip  voltages  and  the  use  of 
large  chip  pads.lt  uses  an  18-inch  long,  two-inch  wide  rib¬ 
bon  cable  with  40  pins,  which  when  squeezed  into  a  serv¬ 
er  chassis  severely  rastricts  the  available  space  for 
installing  peripheral  adapters  and  disk  drives  and  restricts 
airflow,  thus  causing  heat  problems.  Parallel  ATA  also  has 
data  protection  issues  that  limit  its  reliability  —  it  uses 
only  a  cyclic  redundancy  check  and  performs  no  check¬ 
ing  of  the  ATA  command  data. 

“Parallel  ATA  was  never  designed  to  be  used  in  transac¬ 
tion-rich  environments  where  you  want  all  the  error  cor¬ 
rection  enabled  that  you  can,” says  Dave  Reinsel,  research 
manager  with  1DC. 

lastead,  Reinsel  says,  it  was  used  in  environments  where 
one  drive  was  attached  to  a  server  and  because  of  the 
applications  run  on  it,  was  not  as  robust  from  an  error 


correction  point-of-view  as  SCSI  was. 

With  SATA,  the  cables  that  attach  drives  to  the  server  are 
thinner,  longer  and  more  flexible  —  they  are  1  meter 
long,  much  thinner  than  the  customary  ribbon  cable  and 
have  a  six-pin  connector  —  making  it  easier  to  install. 
SATA  also  supports  hot-pluggable  drives,  letting  IT  man¬ 
agers  replace  failed  or  troublesome  drives  without  taking 
the  server  down. 

IT  managers  say  SATA  will  be  a  boon  to  server  configu¬ 
ration  and  installation. 

“If  someone  can  replace  the  ribbon  cables  in  machines 
with  a  thin,  round,  serial  cable,  I’m  all  ears,” says  Jeff 
McMillan,  the  owner  of  McMillan  Consulting  in  Olympia, 
Wash.“I  fight  with  ribbon  cables  in  PCs  all  the  time  — 
they  are  cumbersome,  typically  too  short,  accommodate 
too  few  devices  and  have  connectors  that  I’m  always 


afraid  I’ll  pull  the  ribbon  out  of  the  connector. They  are 
difficult  to  seat,  especially  when  light  is  dim.  If  you  spread 
drives  around  in  the  box,  it’s  a  real  pain  to  make  the  con¬ 
nections  reach.” 

Another  IT  manager  says  SATA  use  will  make  a  differ¬ 
ence  in  configuring  his  servers  —  it  also  will  boost 
server  performance  and  troubleshooting. 

“I’m  interested  in  SATA  for  its  speed  and  backward-com¬ 
patibility  with  legacy  ATA  devices,  also  its  hot-plug  capa¬ 
bility  says  Randall  Dalton, systems  engineer  for  Bibb  and 
Associates  in  Lenexa,  Kan.  Bibb  and  Associates  is  a  large 
architectural  and  engineering  firm  that  is  owned  by  Fteter 
Kiewit  Sons,  a  $3  billion  company  Bibb  has  25  Windows 
NT  4, Windows  2000  and  NetWare  6  servers. 

SATA  will  be  delivered  into  two  phases:  SATA  I  and  II. 
SATA  I  improves  the  use  of  SATA  devices  in  server  and 
storage  environments  by  supporting  hot-pluggable  drives 
and  providing  longer  cabling,  improved  reliability  and 
higher  performance. 

SATA  II  adds  additional  features  and  increases  perfor¬ 
mance  from  150M  to  300M  byte/sec.  SATA  II  devices, 
which  will  be  backward-compatible  to  SATA  I,  will  be 
available  next  year.  SATA,  with  a  maximum  data  transfer 
rate  that  will  increase  to  600M  byte/sec  over  time,  also  is 
backward-compatible  with  parallel  ATA  devices. 


Getting  sassy  with  SAS 

SAS,  on  the  other  hand,  will  be  used  in  servers  running 
mission-critical  applications  and,  in  many  cases,  analysts 
say  as  an  alternative  to  deploying  Fibre  Channel  storage- 
area  networks  (SAN).  It  will  replace  parallel  SCSI,  which  is 
at  the  end  of  its  life  in  terms  of  performance  and  scalabil¬ 
ity  Reinsel  says.  Parallel  SCSI  performs  at  a  maximum  of 
320M  byte/sec  and  only  at  half-duplex;  SAS  achieves 
bandwidth  of  as  much  as  600M  byte/sec  and  operates  in 
full-duplex  mode,  in  which  data  flows  bidirectionally 

“Serial  Attached  SCSI  is  a  different  animal,”  Reinsel  says. 
“It  is  strictly  an  enterprise  play  designed  to  replace  parallel 
SCSI  and  to  compete  with  Fibre  Channel  and  SATA.” 

SAS,  because  it  is  relatively  inexpensive  and  easier  to 
install  than  Fibre  Channel,  will  replace  SANs  in  some 
instances,  Reinsel  says.  Customers  who  want  to  deploy 


small  point-to-point  Fibre  Channel  SANs,  in  which  one 
array  attaches  to  one  server,  will  be  attracted  to  SAS. 

Furthermore,  customers  are  familiar  with  SCSI  and  not 
Fibre  Channel. 

“Companies  are  going  to  be  more  likely  to  invest  in 
legacy-proven  technology  such  as  Serial  Attached  SCSI 
and  in  products  they  have  installed  and  where  they  have 
expertise,  more  so  than  some  of  the  latest,  greatest  and 
newest  technologies,  because  they  have  cost  issues  they 
need  to  solve,"  Reinsel  says. 

IDC  says  SAS  drives  will  account  for  about  50%  of  the 
market  by  2005. 

SAS  uses  the  same  connector  style  as  SATA,  and  the 
same  signaling  and  encoding,  making  it  a  reliable  choice 
for  customers  who  don’t  want  to  install  Fibre  Channel.  It 
supports  all  the  features  of  parallel  SCSI  and  has  better 
performance  and  reliability  while  remaining  backward- 
compatible  with  SATA  devices.  It  also  is  scalable  outside 
the  box  to  128  devices  rather  than  the  16  devices  that  par¬ 
allel  SCSI  supports. 

“I’d  likely  [use  SAS]  in  places  where  we  do  not  want  to 
spend  the  money  on  Fibre  Channel,  assuming  SAS  comes 
in  cheaper  than  Fibre  Channel," says  Geoffrey  Carman, 
senior  technical  support  analyst  at  York  University  in 
Toronto.B 


Storage  swap 


Storage  technologies  known  as  Serial  Advanced  Technology  Attachment  (SATA)  and  Serial  Attached  SCSI 
(SAS)  will  take  over  existing  parallel  storage  wares  in  the  next  four  years.  Here’s  how  they  stack  up: 
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BUSINESS  TECHNOLOGY  OPTIMIZATION 

The  intelligent  way  to  reap  the  rewards  of  your  IT  investment. 


Your  company  has  paid.  And  built.  A  lot.  All 
because  of  an  exciting  vision.  The  vision 
that  IT  would  send  your  company  charging 
toward  its  business  goals  faster  than  ever 
before.  So  have  you  paid  enough?  You  have. 
With  Mercury  Interactive’s  new  Business 
Technology  Optimization  suite 
your  company  will  at  last  realize 
the  full  power  of  your  IT 
investment.  You’ll  finally  see 


'm 


IT  costs.  Improving  the  quality  of  IT-enabled 
business  processes.  And,  most  importantly, 
aligning  IT  with  your  business  goals.  Can  it 
really  work?  Mercury  Interactive  has  spent 
the  last  thirteen  years  helping  75%  of  the 
Fortune  500  in  remarkable  ways.  Be  absolutely 
sure  to  learn  more  about 
Mercury  Interactive’s  new 
comprehensive  BTO  solutions 
by  viewing  our  Webcast  today  at 


tangible  results  by  reducing  MERCURY  INTERACTIVE  www.mercuryinteractive.com/cxo_  comer/nw 

C  2002  Mercury  Interactive  Corporation.  Mercury  Interactive  and  the  Mercury  Interactive  logo  are  registered  trademarks  of  Mercury  Interactive  Corporation 
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it's  so  far  forward,  it's  a  shame  to  call  it  backup. 

Apparently  the  word  is  out  everywhere.  BrightStor™  ARCserve  Backup  is  among  the  most  reliable  and  widely  used 
backup  solutions  in  the  world.  In  fact,  hundreds  of  thousands  of  people  rely  on  BrightStor  ARCserve  Backup 
technology  to  protect  their  critical  servers.  Now  we've  created  BrightStor™  ARCserve  Backup  v9,  the  most  advanced 
version  ever.  As  part  of  the  BrightStor™  line  of  storage  management  solutions,  BrightStor  ARCserve  Backup  v9  is  amazingly  powerful  yet 
one  of  the  simplest  to  use  and  easiest  to  install  solutions  out  there.  In  fact,  most  users  can  perform  their  first  backup  within  20  minutes 
of  start-up.  And  that  means  it's  the  perfect  backup  software  choice  for,  well,  just  about  everyone.  ca.com/brightstor/arcserve9 


ARCserve  v9 
is  here 


BrightStor™  ARCserve®  Backup 


Computer  Associates™ 


©  2002  Computer  Associates  International,  Inc.  (CA).  All  rights  reserved. 
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Content  mgmt  gets  collaboration  features 


■  BY  JENNIFER  MEARS 

Dow  Corning  installed  its  content  man¬ 
agement  system  in  1996,  using  the  software 
to  manage  everything  from  project  docu¬ 
mentation  to  material  safety  data  sheets  to 
technical  reports.  It  also  used  the  Docu- 
mentum-supplied  system  for  some  light 


collaboration,  such  as  document  sharing, 
within  the  company 

Two  years  ago,  the  silicon  manufacturer 
realized  it  needed  a  way  to  share  informa¬ 
tion  and  work  with  partners,  suppliers  and 
customers  outside  its  corporate  network.  It 
deployed  eRoom  Technology’s  collabora¬ 
tion  software. 


Software  rivals  rev  up 
app  integration  efforts 


■  BY  JOHN  FONTANA 


Collaborative  software  competitors 
Open  Text  and  SiteScape  this  week  are 


■  Sybase  last  week  unveiled  a  new 
version  of  its  portal  software,  Enter¬ 
prise  Portal  5.0,  which  offers  up¬ 
dates  intended  to  make  the  product 
easier  to  use.  New  features  include 
Portal  Studio,  which  has  wizard-driven 
tools  designed  to  make  it  easier  for 
customers  to  create  portlets,  the 
reusable  content  elements  that  make 
up  a  portal.  In  cases  where  integrat¬ 
ing  applications  aren’t  required,  devel¬ 
opers  can  build  portlets  with  a  few 
mouse  clicks  using  content  from  Web 
sites,  internal  databases  and  Java 
Server  Pages  applications.  Sybase's 
portal  product  will  compete  with 
products  from  IBM,  Microsoft,  Oracle, 
Sun,  Plumtree  and  others.  Another 
feature,  Portal  Framework,  includes  a 
tool  that’s  intended  to  make  it  easy  for 
end  users  to  add  their  own  content 
from  the  Web  to  a  portal.  The  tool 
uses  technology  that  Sybase  gained 
through  its  acquisition  of  OnePage  in 
April.  The  product  is  available  and  is 
priced  at  $85,000  per  processor,  the 
same  as  the  current  release,  and 
includes  a  copy  of  Sybase’s  database 
and  application  server  products. 
www.sybase.com 


scheduled  to  upgrade  their  offerings 
with  options  that  provide  improved  real¬ 
time  sharing  and  application  integration 
capabilities. 

The  products  are  designed  to  make  it  eas¬ 
ier  for  corporate  end  users  to  collaborate 
while  also  capturing  and  storing  the  result¬ 
ing  discussions  and  documents  for  future 
reference. 

Open  Text  is  releasing  Version  2.0  of  its 
Meeting  Zone  software,  which  provides 
real-time  collaboration  and  now  is  integrat¬ 
ed  more  closely  with  the  company’s  Live- 
link  knowledge  management  repository 
Open  Text  also  is  adding  two  modules  to 
Livelink.one  that  supports  natural  language 
search  and  another  that  highlights  new 
information  based  on  a  user’s  interests. 

SiteScape  is  releasing  its  Enterprise 
Forum  7.0  software,  which  features  tighter 
integration  with  corporate  databases,  and 
new  calendar,  editing,  document  manage¬ 
ment  and  workflow  capabilities.  Forum  7.0 
also  has  new  role-based  authorization. 

For  Open  Text,  Meeting  Zone  2.0  repre¬ 
sents  the  company’s  attempt  to  evolve  the 
real-time  capabilities  it  introduced  last 
year.  Open  Text  has  added  a  meeting  tem¬ 
plate  that  is  used  to  save  outlines  of  meet¬ 
ing  agendas  and  materials  for  reuse  when 
setting  up  additional  meetings.  The  soft¬ 
ware  also  has  a  “reconvene”  feature  for 
recurring  meetings. 

“Many  times  a  meeting  gets  extended  or 
rescheduled,”  says  Frank  Chafee,  senior 
developer  for  PVA  Global, a  system  integra¬ 
tor  in  Burlington,  N.C.  “Previously  in 
Meeting  Zone  you  had  to  rebuild  an  entire 
new  meeting.  Now  you  can  just  hit  a  button 
to  set  up  that  new  meeting.”  Chafee  says 
the  company  uses  Meeting  Zone  to  pre¬ 
sent  online  product  demonstrations  to 
See  Collaboration,  page  24 


Then  it  realized  it  would  make  sense  to 
hook  together  the  two  systems. 

“From  time  to  time,  we  talked  about  how 
to  pull  documents  out  of  Documentum 
and  get  them  into  an  eRoom,  and  after  an 
eRoom  session  how  to  move  that  docu¬ 
mentation  back,”  says  Ann  Marie  Horcher, 
senior  architect  for  document  manage¬ 
ment  at  Dow  Corning  in  Midland,  Mich. 
“But  there  is  nothing  automated  there.  It’s 
two  products  in  a  state  of  nonintegration.” 

But  not  for  much  longer.  In  September, 
Documentum  announced  an  agreement 
to  acquire  eRoom  and  tightly  integrate  the 
company’s  real-time  collaboration  capabil¬ 
ities  into  its  enterprise  content  manage¬ 
ment  system.The  announcement  came  just 
months  after  Documentum  laid  out  plans 
to  enhance  collaboration  within  its  native 
product,  signaling  a  focus  on  collaboration 
as  a  key  feature. 

Analysts  say  collaboration  is  an  impor¬ 
tant  piece  of  a  bigger  content  management 
picture  that  knowledge  management  and 
portal  vendors  are  looking  at  as  they  try  to 
address  the  changing  needs  of  businesses 
searching  for  a  more  cohesive  way  to  get 
the  most  out  of  their  growing  amounts  of 
digital  data. 

Content  management  companies  such  as 
Interwoven,  Documentum,  Stellent  and 
Vignette  provide  the  framework  compa¬ 
nies  need  to  manage  digital  information  by 
applying  categorization  and  workflow 
processes  to  existing  content.  A  big  focus  is 
on  managing  how  content  is  published  on 
Web  sites,  an  area  where  collaboration  has 
long  been  important.  But  content  manage 
ment  vendors  are  now  starting  to  look  at  ad 
hoc  collaboration  capabilities,  where  users 
can  manage  information  during  the  con¬ 
tent  creation  process,  using  virtual  white 
boards,  threaded  discussions  and  instant 
messaging,  for  example. 

“There  is  an  increasing  drive  to  help 
employees  get  more  done  online,”  says 
Nate  Root, an  analyst  at  Forrester  Research. 
“Instead  of  just  looking  at  documents, 
instead  of  just  finding  information  they 
need,  there  is  the  drive  to  use  quick,  always- 
on  collaboration  channels.” 

Companies  want  those  collaboration 
channels  tied  in  to  the  content  manage¬ 
ment,  portal  or  knowledge  management 
system  they  already  have,  analysts  say 
Businesses  are  no  longer  satisfied  with  buy¬ 
ing  systems  from  different  vendors,  a  big 
reason  why  content  management  compa¬ 
nies  now  find  themselves  vying  with  appli¬ 
cation  platform  vendors  such  as  IBM, 


Collaborative  content 

Collaboration  tops  the  list  of 
customer  needs,  according  to 
a  recent  survey  of  content 
management  users  by  Forrester 
Research: 

What  are  your  most  pressing  content 
management  needs  today? 

Cross-departmental  collaboration 


Better  usability _ 

HHHHIHH 

Workflow 


Legacy  integration 


Faster  content  updates 


Integrating  multiple  repositories 


Note:  Survey  of  134  companies 
(multiple  responses  allowed) 


Microsoft  and  BEA  Systems  that  can  com¬ 
bine  content  management,  collaboration 
and  portals  in  one  piece.  Integrating  col¬ 
laboration  into  their  content  management 
systems  is  one  of  the  first  steps  these  con¬ 
tent  management  vendors  are  taking  to 
provide  customers  with  the  one-stop  prod¬ 
uct  they’re  looking  for,  experts  say 

“Many  companies  are  asking,  ‘Why  do  I 
need  to  buy  a  collaboration  tool  from  one 
company,  a  portal  from  another  company 
content  management  from  another  com¬ 
pany  and  a  search  engine  from  another 
company?  Isn’t  this  a  waste  of  time  and 
money?”’ says  Hadley  Reynolds,  director  of 
research  at  Delphi  Group. 

He  says  that,  as  a  result,  IBM  or  Microsoft 
hold  a  dramatic  advantage  because  they 
can  provide  a  full  spectrum  of  capabilities. 

“That  leaves  content  specialists  like  con¬ 
tent  management  firms  kind  of  out  in  the 
cold.  They’re  widely  regarded  as  having 
superior  technology  in  their  specialist  area, 
but  they  have  not  had  the  breadth” 
Reynolds  says.  “Over  the  last  six  months, 
though,  these  vendors  have  realized  they 
need  to  put  together  a  more-extensive  set 
of  functions.” 

That’s  why  business  users  are  seeing 

See  Content  page  24 
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Anything  can  happen  to  your  infrastructure. 
Make  sure  it  scales.  In  today’s  unpredictable  business 

world,  where _ can  happen  at  any  moment,  you 

need  the  ability  to  increase  or  decrease  computing  capacity 
quickly  and  efficiently.  Here's  how  the  Microsoft’  platform 
can  help  you  get  there: 


World-record  performance:  The  Windows"  Serverfamily  holds 
world  performance  records  in  the  TPC-C  (transactions  per 
minute)  and  TPC-W  (Web  interactions  processed  per  second) 
benchmarks.  In  TPC-C  price-performance  benchmarks  of 
clustered  solutions,  systems  running  software  from  Microsoft 
hold  the  top  four  results.  In  tests  of  non-clustered  systems 
on  TPC-C,  Microsoft  solutions  hold  the  top  ten  spots  in 
price-performance.* 


Scale  up,  scale  out,  or  both:  Whether  you’re  looking  to 
consolidate  your  workload  onto  fewer  servers  “scaling  up,’’  or 
distribute  the  workload  among  many  servers  “scaling  out!’ 
the  Microsoft  platform  is  ready.  In  a  scale-up  environment, 
the  platform  can  support  up  to  32  processors  and  32  GB 
of  memory,  while  in  a  scale-out  environment,  the  platform 
supports  up  to  32  servers  via  network  load  balancing. 


For  a  Server  Consolidation  Kit,  webcasts,  and  other  information 
that  can  help  you  get  your  infrastructure  scalable  enough 

for _ ,  visit  microsoft.com/enterprise/scalability 

Software  for  the  Agile  Business. 


JetBlue  is  using  the  Microsoft  Server  Platform  to  enable  hardware 
consolidation,  achieve  better  price-performance ,  decrease  IT 
support  costs,  and  reduce  application  development  time.  The 
scalability  of  our  Microsoft-based  infrastructure  gives  us  the 
confidence  that  we  are  ready  to  handle  today’s  usage  spikes 
as  well  as  future  growth .” 

-Jeff  Cohen ,  Vice  President  &  CIO,  JetBlue  Airways 
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Historically  the  pillars  of  telecommuni¬ 
cations  regulation  around  the  world 
have  been: 

•  Raise  money  for  the  government. 

•  Protect  incumbent  carriers. 

•  Raise  money  for  the  government. 

•  Maximize  response  time  to  technologi¬ 
cal  change. 

e  Protect  incumbent  carriers. 

•  Regulate  based  on  transport  not 
services. 

0  Raise  money  for  the  government. 
Basing  telecom  regulations  on  these  pil¬ 
lars  has  worked  —  according  to  one  defin¬ 
ition  of  “worked” —  for  a  long  time.  But,  at 
least  at  the  Federal  Communications 


Commission,  things  might  —  just  might  — 
be  on  the  verge  of  changing.  It  will  take 
some  time  yet  to  know  whether  any 
change  actually  will  be  for  the  better. 

A  quick  glance  at  your  phone  bill  will  ver¬ 
ify  the  revenue-generating  imperative 
under  which  the  telephone  regulators  have 
worked  and  show  how  well  they  have  car¬ 
ried  out  that  imperative.  A  quick  glance  at 
the  coverage  maps  of  the  major  regional 
telephone  companies  will  show  how  well 
the  regulators  have  protected  the  incum¬ 
bent  carriers.  A  quick  glance  at  the  phone 
on  your  desk  will  show  how  well  this  com¬ 
bination  has  protected  us  from  innovation. 

Over  many  years  the  regulators  have  built 
very  impressive  accretions  of  facility-based 
regulations.  There  are  separate  regulatory 
regimes  for  each  legacy  type  of  service: 
fixed-wire  telephone,  wireless  telephone, 
cable  TV  and  satellite.  Regulators  stead¬ 
fastly  have  insisted  that  this  division  makes 
sense  in  spite  of  the  last  10  years  of  service 
convergence.  Somehow  telephone  ser¬ 


vices  over  twisted-pair  copper  wire,  coax 
cable,  cellular  radio,  satellites  or  over  IP 
over  any  of  the  above  were  different  things 
and  needed  to  be  regulated  on  their  own. 

The  divisions  in  the  real  world  have  been 
getting  far  less  clear  for  a  number  of  years 
and,  with  so  much  convergence  of  services 
over  IP  any  facility-based  differentiations 
are  almost  entirely  in  the  minds  of  the  reg¬ 
ulators  and  incumbent  carriers. 

But  some  glimmers  of  understanding 
might  be  coming  from  the  FCC.  Com¬ 
missioner  Kathleen  Abernathy  in  remarks 
prepared  for  delivery  at  a  recent  telecom 
forum,  asked  the  Commission  to  move 
away  from  what  she  calls  “old  regulatory 
silos.”  She  advocated  moving  toward  regu¬ 
lations  based  on  the  “functional  nature  of 
the  services  being  offered  rather  than  the 
legacy  category  that  the  provider  hap¬ 
pened  to  belong  to.”  She  also  pointed  out 
that  the  FCC  recently  asked  for  public  com¬ 
ment  on  any  rule  change  that  would  serve 
the  public  interest  and  implied  changes 


might  even  be  made. 

But  it  will  not  be  easy  for  the  FCC  to  do 
what  would  help  most.That  is,  to  get  out  of 
the  way  and  let  the  revolution  created  by 
new  technologies  that  render  traditional 
telecom  companies  endangered  species 
run  its  course.  Do  not  try  to  protect  the 
remainders  of  the  Bell  system  with  regula¬ 
tions.!  don’t  hold  out  much  hope  for  this  to 
happen  soon.  Even  someone  as  forward- 
looking  as  Abernathy  seems  to  be  missing 
a  basic  problem  when  she  says  that  one  of 
her  top  priorities  is  to  ensure  the  FCC  re¬ 
mains  relevant  as  the  world  changes.  Pre¬ 
servation  of  regulators  or  incumbent  carri¬ 
ers  should  not  be  a  design  goal  —  an  inno¬ 
vative  telecom  industry  should  be. 

Disclaimer:  Silo  protection  used  to  be  a 
goal  at  Harvard.  That  might  be  changing, 
but  the  above  is  my  evaluation. 

Bradner  is  a  consultant  with  Howard 
University’s  University  Information  Systems. 
He  can  be  reached  at  sob@sobco.com. 
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content  management  companies  announce  new  fea¬ 
tures.  In  April,  Interwoven  released  TeamDoc,  which 
enables  document  collaboration,  and  Stellent 
unveiled  its  Collaboration  Server,  which  lets  business 
users  set  up  project  teams.  Documentum  unveiled  its 
collaboration  edition  in  August  and  the  next  month 
announced  the  eRoom  acquisition.  In  September, 
Divine  outlined  its  ability  to  combine  content  man¬ 
agement,  collaboration  and  search  technologies,  al¬ 
though  it  did  not  announce  any  new  products. 

Companies  such  as 
OpenText  and  iManage 
have  played  up  their 
products  that  combine 
knowledge  management 
and  collaboration. 

The  weak  link 

For  the  most  part,  though, 
support  for  cross-company 
collaboration  has  re¬ 
mained  relatively  weak 
among  content  manage¬ 
ment  vendors,  analysts  say 

“The  eRoom  acquisition  certainly  allows  Docu¬ 
mentum  to  leapfrog  the  other  content-management- 
oriented  offerings  in  this  [collaboration]  area,” 
Reynolds  says. 

For  Horcher,  the  combination  is  music  to  her  ears. 
Dow  Corning  had  considered  integrating  eRoom  and 
Documentum  as  various  projects  demanded  it. 

“But  let  me  put  it  this  way  we  weren’t  not  jumping  on 
it  because  it  was  easy”  Horcher  says.  “It  was  one  of 
those  things  where  somebody  wasn’t  willing  to  pay  for 
it.  So  we  did  it  the  back-door  way,  which  is  manually 

That  meant  documents  from  Documentum  had  to 
be  ported  to  eRoom  for  collaboration  and  then  a  fin¬ 
ished  product  created  through  an  eRoom  ported  back 
to  Documentum  for  archiving.  For  other  companies, 
the  link  between  content  management  and  collabo¬ 
ration  is  even  weaker. 

In  Scott  County  a  fast-growing  area  just  south  of 
Minneapolis,  Deputy  County  Administrator  Gary 
Shelton  estimates  he’s  saving  as  much  as  $300,00  per 


year  by  using  Stellent’s  content  management  system.  A 
large  part  of  the  savings  comes  from  the  fact  that  the 
county  no  longer  has  to  keep  tons  of  paper  files,  which 
took  up  office  space  and  required  staff  to  manage, 
Shelton  says.  In  addition,  employees  know  they’re  get¬ 
ting  the  most  up-to-date  files  because  they’re  coming 
from  the  Stellent  repository  But  the  county  hasn’t  taken 
advantage  of  any  collaboration  features. 

“Now,  the  way  we  collaborate,  and  the  way  most  com¬ 
panies  collaborate,  is  we  use  e-mail.  In  some  respects  it 
works  fine.  In  other  respects,  it  doesn’t.  It’s  not  always 
secure,’ ’he  says.“What  we’re  looking  for  is  a  way  to  bring 
structure  to  an  unstructured  world  ...  the  question  is, 
how  do  you  do  it  without  creat¬ 
ing  something  cumbersome, 
and  how  do  you  build  upon 
what  you  already  have?” 

Shelton  says  he  believes  Stel¬ 
lent’s  Collaboration  Server, 
which  lets  business  users  set  up 
team  workspaces  and  set  up 
secure  access  rights  without  the 
aid  of  IT,  likely  will  meet  the 
county’s  needs. 

The  security  issue 

Security  also  is  an  issue  at  Stanford  University 
Hospital  and  Clinics  in  Palo  Alto,  which  uses  Inter- 
woven’s  content  management  system  and  collabora¬ 
tion  features.  As  the  medical  center  expands  the  sys¬ 
tem  to  more  departments,  collaboration  —  and  the 
security  of  the  content  within  collaborative  sessions 
—  will  become  increasingly  important,  says  Mattice 
Harris, Web  branch  administrator. 

“We’re  happy  with  Interwoven’s  collaboration  capa¬ 
bilities,  but  we’re  not  using  the  tool  to  the  fullest  capa¬ 
bility.  Right  now  we’re  investigating  what  the  tool  can 
do,”  he  says.“I  feel  like  we  have  a  Swiss  Army  Knife  and 
we’re  only  using  the  scissors.” 

One  issue  for  businesses  is  whether  they  already  use 
a  collaboration  product.  Michael  Dortch,  a  principal 
analyst  with  Robert  Frances  Group,  says  he  doubts 
companies  with  collaboration  tools  will  scrap  what 
they  have  to  use  features  from  content  management 
vendors.  What’s  important  in  that  case,  he  says,  is  that 
content  management  systems  interoperate  with 
proven  collaboration  software.* 


fcfc  What  we're  looking  for  is 
a  way  to  bring  structure  to 
an  unstructured  world. . .  99 

Gary  Shelton 

Deputy  county  administrator  for  Scott 
County,  Minn. 
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customers.  PVAs  success  has  led  it  to  start  reselling  the  product, 
he  says. 

Open  Text  also  has  added  application-sharing  capabilities  that 
let  users  store  their  work  in  the  Livelink  repository  and  a  slideshow 
feature  for  presenting  Microsoft  PowerPoint  presentations  from  the 
Meeting  Zone  server,  which  runs  on  Windows  NT  and  2000,  instead 
of  distributing  the  presentation  to  each  meeting  participant.  Open 
Text  is  expected  to  add  Unix  support  in  January 

Meeting  Zone  is  priced  at  $200  per  user. 

Open  Text  also  introduced  Recommender  and  Naturalizer,  two 
modules  for  Livelink  expected  to  be  available  next  month. Recom¬ 
mender  catalogs  documents  a  user  accesses  and  suggests  addi¬ 
tional  information  for  him  to  view. 

Meanwhile,  Enterprise  Forum  7.0,  which  runs  on  Win  2000  or  NT, 
Sun  Solaris  and  Red  Hat  Linux,  includes  support  for  Microsoft’s 
SQL  Server  2000  and  Oracle  8i  databases  to  go  with  the  custom 
database  that  ships  with  the  software. 

The  company  also  has  added  new  document  management, 
workflow  and  editing  features,  which  allow  users  to  view  docu¬ 
ments  without  losing  the  native  formatting.  Enterprise  Forum  7.0 
supports  200  file  formats. 

The  software  also  is  integrated  with  the  calendar  and  notification 
capabilities  of  Microsoft  Outlook  and  includes  a  task  feature  that 
can  be  integrated  into  discussions,  workflows  and  documents. 

SiteScape  has  added  support  for  portal  software  from  Citrix, 
Oracle,  Viador  and  Plumtree.  Enterprise  Forum  7.0  also  has  a 
role-based  authorization  mechanism  that  works  with  a  directory 
compatible  with  Lightweight  Directory  Access  Protocol, 
and  support  for  Simple  Object  Access  Protocol  that  lets  users 

export  data  to  enterprise  re- 


More  online! 

Check  collaboration  software  out  for  your¬ 


self  with  our  free  or  trail  software  down¬ 
load  section. 

DocFinden  2935 


source  planning  and  CRM 
applications. 

Enterprise  Forum  7.0  is 
priced  at  $99  per  user. 

Both  vendors’  products  com¬ 
pete  with  products  from  ven¬ 
dors  such  as  Documentum, 
which  recently  bought  online 
workspace  vendor  eRoom 
Technology;  Intraspect  Soft¬ 
ware;  iManage;  Lotus  Quick- 
Place  and  Discovery  Server; 
and  Microsoft  SharePoint 
Portal  Server.  ■ 
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According  to  a  recent  IDC  report  on  the  clustering  and  availability  software  mark* 
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FREE  White  paper! 

Avoiding  Costs  from  Oversizing 
Data  Center  Infrastructure 


Just  mail  or  fax  this  completed 
coupon  or  contact  APC  for  your 
FREE  white  paper  -  Avoiding 
Costs  from  Oversizing  Data 
Center  Infrastructure  Better 
yet,  order  it  today  at  the  APC 
Web  site!  You  will  also  receive  a 
free  PowerStruXure”  CD: 
"Presenting  PowerStruXure". 

http://promo.  apc.com 
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(888)  289-APCC  x2523  •  FAX:  (401 )  788-2797 


Legendary  Reliability" 


Company: 

Address:  Address  2: 


City/Town: State: Zip: Country: 

Phone: _ Fax; _ E-mail: _ 

I  I  Yes!  Send  me  more  information  via  e-mail  and  sign  me  up  for  APC  PowerNews  e-mail  newsletter.  [  Key  Code  h460y  ] 
What  type  of  availability  solution  do  you  need? 

□  UPS:  0-16kVA  (Single-phase)  □  UPS:  10-80kVA  (3-phase  AC)  □  UPS:  80+  kVA  (3-phase  AC)  □  DC  Power 

□  Network  Enclosures  and  Racks  □  Precision  Air  Conditioning  □  Monitoring  and  Management 

□  Cables/Wires  □  Mobile  Protection  □  Surge  Protection  □  UPS  Upgrade  □  Don't  know 
Purchase  timeframe?  □  <1  Month  □  1-3  Months  □  3-12  Months  □  1  Yr.  Plus  □  Don't  know 
You  are  (check  1):  □  Home/Home  Office  □  Business  (<1000  employees)  □  Large  Corp.  (>iooo  employees) 

□  Gov't,  Education,  Public  Org.  □  APC  Sellers  &  Partners 

©2002  APC.  All  trademarks  are  the  property  of  their  owners  PSX3A2EB-USb_2c  •  E-mail:  esupport@apcc.com  •  132  Fairgrounds  Road,  West  Kingston,  Rl  02892  USA 
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How  to  Contact  APC 

Call:  (888)  289-APCC 

use  the  extension  on  the  reverse  side 

Fax:(401)  788-2797 

Visit:  http://promo.apc.com 

use  the  key  code  on  the  reverse  side 


Legendary  Reliability" 


Manageable.  Modular.  Pre-engineered 


From  IkW  to  5MW,  PowerStruXure  architecture  provides  a  patent-pending 
integrated  approach  to  building  data  center  infrastructure  utilizing  stan 
dardized,  pre-assembled  components. 


PowerStruXure's  scalable,  modular  design  lets  you  build  out  capacity  only 
as  it's  required.  You  can  also  easily  adapt  to  the  ever-changing  requirements 
of  your  server  room  or  data  center,  proactively  manage  the  physical  layer  of 
your  network  infrastructure,  and  increase  your  system  availability  per  dollar. 


Best  of  all,  you  will  never  be  boxed  in  by  proprietary  solutions. 
PowerStruXure  is  vendor-neutral  and  compatible  with  all  major  server  and 
internetworking  platforms,  including  HP/Compaq,  Dell,  IBM,  Sun,  Alcatel, 
Cisco,  Nortel,  Ericsson,  and  Siemens.  Find  out  today  why  experts  and 
users  agree:  you  no  longer  need  to  design  your  data  center  using  an  out¬ 
moded  approach. 


' I  enjoy  the  fact 
that  I  can  buy  only 
what  I  need  now  and 
add  to  it  later  only 
when  I  need  to. " 

Michael  Touchstone 

Manager  of  Energy 
Conservation, 

Cox  Communications 


" PowerStruXure's  integration  is  an  example  of 
thoughtful  design,  taking  many  of  the  costly, 
disparate  environmental  systems  in  a  data 
center  and  unifying  them.... " 

Greg  Tally,  Broadband  Editor 
Boardwatch  Magazine 


Winner  of  the  Windows  and  .Net 
Magazine  " 2002  Reader's  Choice  Award 
for  Best  High  Availability  Solution"  and  the 
GCN  "Best  New  Technology  Award"  at 
FOSE,  March  2002. 


Bownmcflf  Computer  Wows  Best 

New  Technology 

Awards  at  FOSE 


Legendary  Reliability 


Planning  a  data  center  is  easy. 
Try  our  online  configurator  today! 

r:‘.  •■'V .  •’  r'ft'l.-  ■■ 


or  download  a  FREE  White  Paper:  “Avoiding  Costs  from  Oversizing  Data  Center  Infrastructure 


With  " Fits  Like  a  Glove"  money 
back  guarantee!  See  Web  site 
at  right  for  details. 
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Only  PeopleSoft  Enterprise  Service  Automation  delivers  proactive  control  over  outside  services  spending. 


PeopleSoft  ESA  is  the  only  complete  solution  for  managing  the  expense  of  outside  contractors,  consultants,  and 
temps.  It  enables  you  to  know  exactly  who's  doing  what  and  how  much  it  is  costing.  And  PeopleSoft  ESA  matches  the 
right  skills  to  the  right  projects  in  real-time.  So  you  minimize  outside  services  spending,  while  maximizing  its  value. 

Learn  more  by  visiting  us  atwww.peoplesoft.com/esa  or  call  1-888-773-8277 


©  2002  PeopleSoft.  Inc.  PeopleSoft  is  a  registered  trademark  of  PeopleSoft,  Inc. 


Financial  Management 
Solutions 


Human  Capital 
Management 


PeopleSoft 
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■  WIRELESS  ■  REGULATORY  AFFAIRS 


Verizon  seen  looking  beyond  Genuity 


Complex  relationship 


While  Verizon  is  severing  most  of  its  financial  ties  to  Genuity,  the  Bell  will  continue  to  resell  the  foundering  ISP's 
business  services  for  now. 


May 

GTE  acquires  ISP 
BBN  Planet  and 
renames  it  GTE 
Internetworking. 


April 

GTE  Internetworking 
is  spun  off  and 
renamed  Genuity. 


May 

Genuity  reduces  its  staff  by 
12%  and  receives  a  $2  billion 
credit  line  from  Verizon. 


July 

Verizon  passes  on  reacquiring  Genuity. 

1 1  Verizon's  decision  to  cancel  its 
option  to  integrate  Genuity  and  its 
credit  agreement  was  unexpected 
and  a  disappointment  to  us.  9  9 

Paul  Gudonis 

Chairman  and  CEO,  Genuity 
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June  - 

•  Bell  Atlantic  and  GTE  merge  to  become  Verizon. 

•  Genuity  completes  its  IPO  and  issues  Verizon 
Class  B  stock  that  equals  9.5%  of  Genuity.The 
financial  agreement  also  lets  Verizon  reacquire 
80%  of  the  ISP  once  the  Bell  meets  certain  FCC 
regulations  regarding  local  and  long-distance 
voice  services. 


May  1 

Genuity,  saddled  with  $3.12  billion  in  debt,  reports  a 

first-quarter  loss  of  $258  million  on  revenue  of  $282 

million. 

Debt  in  billions  through  May  2002 


October  - 

Genuity,  whose  stock  is  trading 
for  about  30  cents  per  share, 
receives  its  fourth  extension  on 
its  credit.That  extension  is  up  on 
Nov.  12. 


■  BY  DENISE  PAPPALARDO  AND 
MIKE  MARTIN 

Verizon’s  business  IP  services  have  been 
closely  tied  to  Genuity  for  more  than  two 
years,  which  means  that  as  the  ISPs  future 
is  called  into  question  daily  so  is  the  future 
of  those  Verizon  services. 

Verizon  walked  away  from  Genuity  this 
summer  after  it  exercised  its  right  to  cash  in 
Class  B  stocks  that  would  have  let  the  in¬ 
cumbent  local  exchange  carrier  (ILEC) 
buy  80%  of  the  ISP 

Genuity  recently  received  its  fourth  ex¬ 
tension  from  its  creditors,  which  include 
Verizon  and  a  consortium  of  banks.  Gen¬ 
uity  is  in  the  process  of  restructuring  its 
debt,  which  might  lead  to  Chapter  1 1  bank¬ 
ruptcy  proceedings,  according  to  industry 
observers.  While  Genuity’s  future  is  murky 
it’s  clear  Verizon  needs  a  new  plan  to  meet 
its  IP  business  service  needs. 

Genuity  develops  and  maintains  Verizon 
IP  services,  including  IP  VPN,  security  and 
voice-over-IP  (VoIP)  services. 

“I  suspect  you  will  see  [Verizon]  use 
another  carrier  in  the  near  term,”  says 
Steven  Harris,  an  analyst  at  IDC.And  that  is 
what  the  ILEC  is  planning.  A  new  IP  “part¬ 
ner”  might  be  announced  as  early  as  next 
week.  “But  [Verizon]  will  continue  to  use 
Genuity  as  long  as  they  can,”  Harris  says. 

The  ILEC  says  it  will  honor  a  five-year, 
$500  million  commitment  to  purchase 
services  and  will  continue  to  resell  Gen¬ 
uity’s  IP  networking  services. 

But  Verizon  business  customers  might  be 
leery  of  putting  their  IP  traffic  over  Gen¬ 
uity’s  network  today  when  they  cannot 


■  Broadwing  Communications  is 
cutting  25%  of  its  staff  —  500 

employees  —  in  an  effort  to  reduce 
expenses.  The  company  says  it  will 
reduce  overall  costs  by  25%  over  the 
next  six  months  through  layoffs,  net¬ 
work  grooming  and  optimization, 
renegotiating  rates  and  exiting  the 
wholesale,  international  voice  service 
business.  The  service  provider  made 
this  announcement  last  week  when  it 
revealed  its  third-quarter  earnings. 


predict  where  the  ISP  will  be  by  year-end. 

“Enterprise  customers  do  not  have  an  in¬ 
terest  in  signing  contracts  with  bankrupt 
companies,  and  Verizon  will  be  hampered 
by  its  connection  to  Genuity  for  new  con¬ 
tract  sales,”  Harris  said  in  a  recent  report. 

While  Verizon  says  it  will  continue  to 
work  with  Genuity  the  ILEC  is  expected  to 
come  up  with  a  more  solid,  dependable  IP 
plan.  Verizon’s  IP  possibilities  include  the 


■  NTT/Verio,  which  began  an  enter¬ 
prise  push  last  spring,  is  taking  things  a 
step  further  with  a  new  hosting  plat¬ 
form  designed  to  give  companies  a  sim¬ 
pler  way  to  build  out  their  infrastructure. 
The  NTT/Verio  PowerPlatform 
includes  four  elements:  hosting,  man¬ 
aged  services,  support  and  a  new  portal 
that  gives  customers  real-time  access 
into  the  performance  of  their  hosted 
systems.  PowerPlatform  Hosting 
includes  RapidRollout  for  smaller  cus¬ 
tomers;  collocation  services;  and  Modu¬ 
lar  Hosting,  for  larger  businesses. 
Modular  Hosting  lets  companies  design 
infrastructures  that  best  meet  their 
needs. 


acquisition  of  Genuity  as  a  debt-free  ISP  if 
it  files  for  bankruptcy  buying  up  dark-fiber 
to  build  its  own  IP  network,  and  teaming 
with  or  buying  another  ISP 

However,  the  likelihood  that  Verizon 
would  buy  Genuity  in  bankruptcy,  if  that’s 
Genuity’s  ultimate  path,  is  doubtful,  says 
David  Rohde,  an  analyst  at  TechCaliber. 

“Verizon  dissed  Genuity  primarily  be 
cause  of  the  debt  question.  But  there’s  an 
important  secondary  reason,”  Rohde  says. 
Genuity  does  not  have  the  customer  base 
that  Verizon  wants,  he  adds. 

“Exodus,  [WorldCom]  and  AT&T  have 
those  customers,”  he  says.“Exodus  is  taken. 
AT&T  isn’t  for  sale.  WorldCom’s  UUNET  divi¬ 
sion  will  be  what  they  want.They  just  can’t 
say  so  at  the  moment,”  Rohde  says.  If  Veri¬ 
zon  expressed  interest  in  another  finan¬ 
cially  challenged  company,  the  ILEC’s  cred¬ 
it  rating  surely  would  be  hampered,  he 
says. Verizon  cannot  afford  that  risk. 

IDC’s  Harris  agrees  that  Verizon  will  not 
likely  purchase  an  ISP  soon.  Instead 
Verizon  will  “muddle  through  this  latest 
turmoil  then  buy  a  network  down  the 
road,”  he  says. 

While  analysts  say  Verizon  could  receive 
Federal  Communications  Commission  ap¬ 
proval  to  purchase  national  dark  fiber  to 
build  its  own  network,  that  route  seems  un¬ 


likely  The  company  is  carrying  a  large  debt, 
like  most  telecom  companies. 

Verizon  is  thought  to  be  working  on  a 
new  partnership  agreement,  which  some 
analysts  say  is  not  the  best  long-term 
approach.  Such  a  deal  could  leave  Verizon 
in  a  precarious  situation  if  the  new  partner 
is  acquired  or  falls  on  hard  financial  times. 

Nevertheless,  Verizon  is  expected  to 
announce  a  new  Tier  1  backbone  service 
provider  partner  next  month,  says  Jason 
Summers, director  of  advanced  networking 
services  for  Verizon  Enterprise  Solutions. 
Today  Genuity  is  the  only  ISP  backbone 
provider  that  Verizon  uses  to  support  its 
business-service  customers.  Verizon  says  it 
believes  in  Genuity’s  technical  ability,  but  it 
cannot  ignore  the  ISP’s  financial  woes. 

There  is  speculation  that  Verizon’s  near- 
term  IP  partner  will  be  Sprint.  Verizon  is 
always  looking  at  new  partnerships  to  add 
“further  value  for  customers,”  says  .a 
Verizon  spokeswoman.  But  the  ILEC  says  it 
cannot  confirm  or  deny  that  it  is  in  dis¬ 
cussions  with  Sprint.  Sprint  says  it  cannot 
comment  on  speculation  about  Verizon. 

While  Genuity  says  Verizon  continues  to 
put  new  VPN,  access  and  VoIP  customers 
on  its  network,  IDC’s  Harris  says  he  believes 
Verizon  eventually  will  add  most  new  cus¬ 
tomers  to  a  back-up  provider’s  network.* 
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EYE  ON  THE 
CARREERS 

Johna  Till 
Johnson 


Moving  from  bandwidth  provider  to 


I’ve  written  a  lot  about  the  distinction 
between  bandwidth  providers  and 
service  providers.  For  incumbent  lo¬ 
cal  exchange  carriers,  it’s  not  just  se¬ 
mantics:  The  difference  has  a  real  impact 
on  their  futures. 


To  recap,  bandwidth  providers  offer  low- 
margin,  undifferentiated  services  that 
serve  as  building  blocks  from  which  users 
can  craft  solutions;  service  providers  offer 
higher-margin,  customized  services  tai¬ 
lored  to  users’  needs. 


In  my  office,  I  have  to  keep  everything 
running  smoothly.  From  servers  to  work¬ 
stations,  one  disruption  can  be  disastrous 
and  cost  the  company  a  lot  of  money. 

That's  why  I  use  the  P-Touch®  PT-1300. 


labels,  I  can  trust  someone  else  to  get  the 
job  done  with  ease. 

From  LANs  to  WANs,  Intranet  to  Internet, 
my  P-Touch  labeler  makes  every  connec¬ 
tion  possible. 


When  it  comes  to  identification,  it's  all  I  need. 
With  P-Touch  labels,  I  can  easily  identify  all  my 
servers,  workstations,  patch  panels,  cables 
and  face  plates,  making  troubleshooting  quick 
and  minimizing  downtime. 

After  all,  when  I'm  not  in  the  office,  the  com¬ 
pany  has  to  run  without  me.  And  with  all  the 
equipment  clearly  marked  with  P-Touch 


P-Touch  systems- the  perfect  office  labels, 
wherever  your  office  may  be.  Enter  the 
P-Touch  People  Contest 
and  tell  us  how  your 
P-Touch  helps  you 
organize  your  office. 

We  want  to  know. 


www.ptouchpeople.com 
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(800)622-63)2  (800)825-5517  (800)463-9275  (847)918-3700 


P-Touch®  Electronic  Labeling  Systems 
create  industrial  strength  and  standard 
adhesive-backed  laminated  labels  to 
organize  virtually  anything. 

•  Standard  Laminated  Tapes:  Bright,  easy-to- 
read  labels,  perfect  for  safety  precautions  and 
high  visibility  when  hidden  behind  cables. 
Available  in  a  variety  of  colors  and  widths. 

•  Security  Tapes:  Leave  a  checkered  pattern  if 
removed,  to  see  if  anyone  has  tampered 
with  them. 

•  Industrial  Adhesive  Tapes:  Adhere  up  to  two 
times  stronger  than  standard  laminated  tapes. 

b  _  h  At  your  side. 

brother: 


www.brother.com  •  1-877-4PT0UCH 


service  provider 

What’s  the  difference?  Customer  focus. 
To  offer  bandwidth  effectively,  a  provider 
has  to  have  outstanding  operational  effi¬ 
ciencies,  which  means  making  simplified 
assumptions  about  customer  desires. 
Remember  Henry  Ford’s  axiom  that  a  cus¬ 
tomer  can  have  any  color  he  likes  so  long 
as  it’s  black?  That’s  the  mindset. 

To  offer  services,  a  provider  needs  excel¬ 
lent  customer  intimacy  That  means  more 
than  just  understanding  how  well  a  cus¬ 
tomer  likes  what  he’s  buying  —  it  means 
knowing  why  he’s  using  your  services  and 
coming  up  with  new  services  that  meet 
those  needs  even  better. 

Now  even  though  it  might  surprise  some 
regular  readers,  here’s  a  good  word  for  the 
ILECs:  They  have  a  natural  advantage  as 
service  providers,  if  they  would  only  rec¬ 
ognize  and  act  on  it. 

For  one  thing,  they  have  the  best  infor¬ 
mation  on  users’  purchasing  habits. 

An  example:  Any  household  that  pur¬ 
chases  more  than  two  phone  lines  proba¬ 
bly  has  either  a)  teenage  children;  b)  a 
demand  for  high-speed  Internet  access;  c) 
one  or  more  adults  who  occasionally 
work  from  home;  or  d)  more  than  one  of 
the  above.  Why  not  put  together  a  service 
bundle  that  includes  high-speed  Internet 
access,  a  VPN  product  and  maybe  bun¬ 
dled  local  and  long-distance  service  for  a 
flat-rate  monthly  fee? 

Admittedly,  regulation  hinders  ILECs 
from  offering  many  of  these  differentiated 
service  offerings.  But  here’s  a  radical 
thought:  What  if  the  ILECs  focused  their 
lobbying  on  fixing  those  regulations, 
instead  of  expending  millions  of  lawyer- 
hours  on  challenging  unbundled  network 
element-platform  pricing? 

Or  an  even  more  radical  idea:  What  if  an 
1LEC  agreed  to  purchase  the  network  ele¬ 
ments  across  which  it  offered  these  services 
from  a  third  party  (maybe  even  the  cable 
companies).  Then  the  ILEC  could  use  its 
customer  service  and  marketing  muscle  to 
provide  the  bundling  and  customer  sup¬ 
port  in  exchange  for  a  share  of  the  profits? 
Competition  is  fostered,  customers  are 
served,  and  the  ILEC  slowly  but  surely 
migrates  out  of  the  bandwidth  business. 

Getting  into  the  service  business 
requires  that  kind  of  “out  of  the  box”  think¬ 
ing,  including  a  willingness  to  consider 
the  idea  that  what  you  thought  of  as  your 
core  service  is  actually  something  that 
you  can  purchase  more  inexpensively 
from  someone  else. 

Two  additional  notes: 

In  a  recent  column,  I  misrepresented  the 
sponsors  of  MPLSCon.  It’s  actually  man¬ 
aged  by  Trade  Show  Management  Corp., 
under  the  able  guidance  of  Irwin  Lazar. 

Second,  thanks  to  all  who  wrote  about 
Nemertes  Research.To  find  out  more  about 
us  and  what  we’re  up  to,  please  check  out 
our  Web  site  at  www.nemertes.com. 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research,  a  technology 
research  firm.  She  can  be  reached  at  Johna 
@nemertes.com. 
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For  a  limited  time,  you  can  get  a  copy  of  this  SPECIAL  REPORT 
in  PDF  format,  free.  Just  sign  up  for  any  of  Network  World 
Fusion's  over  40  technology  specific  e-mail  newsletters  and  we 
will  send  you  the  Network  World  Fusion  SPECIAL  REPORT: 
Network  Security  Perimeters  -  absolutely  free.  Remember,  you 
can  get  this  SPECIAL  REPORT  by  signing  up  for  a  Network 
World  Fusion  e-mail  newsletter.  Sign  up  today  at 
http://www.nwwsubscribe.com/foc416 


Network  Security  Perimeters 
(NSPs)  have  become 
necessary  as  a  result  of  our 
increasing  dependency  on  electronic 
communications  via  the  Internet. 
In  this  latest  SPECIAL  REPORT  - 
exclusively  from  Network  World 
Fusion  -  well-known  IP  networking 
specialist  Chris  Ellis  covers  the  issues 
of  NSP  design,  performance  and 
scalability.  Take  advantage  of  this 
free  offer  from  Network  World  Fusion 
and  secure  your  copy  of  the  SPECIAL 
REPORT:  Network  Security  Perimeters 
in  PDF  format  today. 

Chris  Ellis  is  an  IP  networking 
specialist  who  has  spent  most  of 
his  career  as  a 
consultant  analyzing, 
designing  and  deploying 
IP  networks.  His  career 
of  over  twenty  one 
years  has  seen  a 
particular  focus  on  the  engineering  of 
secure  IP  networks  as  well  as  next 
generation  networks  that  offer 
quality  of  service,  high  performance 
and  high  availability. 
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Sponsors  of  the  Network  World  Fusion  SPECIAL  REPORT: 
Network  Security  Perimeters  include: 


Network  Security  Perimeters 


Symantec. 
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Secure  Identity  Management 


E  NetSolve" 


Internet  Security  Systems 


■  SERVICE  PROVIDER  DEVELOPMENTS 
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Elematics  provisions  optical  links 

Control  plane  software  can  create  light  paths  through  carrier  networks. 


9  BY  TIM  GREENE 

PORTLAND,  ORE.  —  Elematics  is  intro¬ 
ducing  software  designed  to  ease  the  pro¬ 
visioning  of  optical  circuits  by  talking 
directly  to  the  network  devices  and  associ¬ 
ated  management  systems. 

Called  Intelligent  Network  Control  Plane 
(INCP),  the  software  communicates  with 
network  elements  and  their  element  man¬ 
agement  systems  to  gather  data  needed  to 
determine  which  devices  are  available  to 
support  new  circuits.That  data  is  passed  up 
to  operations  support  systems  (OSS)  that 
can  map  in  new  circuits. 

The  OSSes  pass  down  a  description  of  the 
desired  new  circuit,  and  INCP  turns  that 
into  commands  that  reconfigure  network 
devices  to  activate  a  new  circuit.  The  soft¬ 
ware  eliminates  the  need  to  manually  con¬ 
figure  devices  to  provision  new  optical 
pathways,  the  company  says. 

Current  provisioning  of  optical  circuits 
can  take  days  or  weeks  if  it  means  that  engi¬ 
neers  have  to  examine  network  elements, 
design  a  circuit  and  reconfigure  devices 
one  at  a  time  to  support  it. 

To  automate  the  process,  INCP  needs  to 
be  able  to  talk  to  existing  devices  and 
OSSes,  which  means  Elematics  must  write 
software  for  each  element  and  OSS  that 
would  be  involved  in  creating  circuits.  So 


Takes 

B  Metropolitan  access  vendor  Vina 
Technologies  last  week  announced 
it  has  expanded  its  OEM  relationship 
with  Lucent.  Lucent  will  resell  Vina's 
eLink  products,  which  integrate  voice, 
data  and  Internet  services  over  one 
broadband  line  for  small  and  midsized 
businesses.  Lucent  will  sell  the  line 
unde  the  name  ConnectReach  200 
series.  Lucent's  ConnectReach  net¬ 
work  access  products  have  been 
based  on  Vina's  Integrator  300  inte¬ 
grated  access  devices.  The  eLink/ 
ConnectReach  200  series  IADs  sup¬ 
port  up  to  24  voice  ports,  a  LAN  con¬ 
nection  and  a  single  broadband 
connection. 


far,  the  company  has  written  interfaces  for 
optical  gear  made  by  Ciena,  Cisco,  Nortel 
and  ONI  (now  part  of  Ciena).  These  de¬ 
vices  were  chosen  because  they  are  the 
most  popular  and  widely  deployed  in  com¬ 
bination  with  each  other  in  carrier  net¬ 
works,  Elematics  says. 

This  group  of  devices  makes  it  possible  to 
provision  optical  transport  links  through 
the  core  of  provider  networks.  The  com¬ 
pany  says  it  plans  to  extend  its  set  of  inter¬ 
faces  to  other  vendors’  gear  over  time.  The 
goal  is  to  interface  with  enough  elements 
to  provision  circuits  over  metropolitan  and 
access  networks  as  well  as  core  networks, 
Elematics  says.  This  would  include  optical 
cross-connects,  add-drop  multiplexers  and 
optical  switches. 

It  takes  about  three  months  to  integrate 
INCP  with  a  vendor’s  element  management 
software,  which  would  still  be  required  to 
distribute  software  revisions  to  devices, 
Elematics  says. 

INCP  uses  generalized  Multi-protocol 
Label  Switching  (GMPLS)  as  its  control 
plane  logic.  GMPLS  was  devised  to  isolate 


■  BY  JIM  DUFFY 

PALO  ALTO  —  Packet  Design  this  week 
will  unveil  a  product  designed  to  alleviate 
the  security  and  reliability  issues  associ¬ 
ated  with  Border  Gateway  Protocol,  the 
routing  protocol  used  by  virtually  all  net¬ 
work  routers  for  communication  between 
service  providers  and  enterprise  domains. 

The  company’s  BGP  Scalable  Transport 
(BST)  protocol  is  intended  to  streamline 
communication  of  BGP  routing  informa¬ 
tion,  thereby  improving  security  and  relia¬ 
bility  Packet  Design  says.  BST  works  with  — 
but  requires  no  changes  to  —  any  vendor’s 
routers’  existing  BGP  implementation. 

Packet  Design  has  applied  for  several 
patents  on  BST,  which  are  still  pending. 

BST  augments  BGP  with  a  new  transport 
mechanism  next  to  the  one  it  currently 
uses, TCP  TCP  sends  data  from  one  sender 
to  one  receiver. 

A  connection  must  be  kept  open 
between  every  pair  of  routers,  and  many 
copies  of  the  same  information  travel 
across  the  network  simultaneously  eating 
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the  control  plane  from  the  data  plane  in 
heterogeneous  networks  that  use  diversi¬ 
fied  data  planes  including  packet,  time  divi¬ 
sion  multiplexing  and  optical. 


up  router  resources,  Packet  Design  says. 

With  TCP  security  is  compromised,  both 
because  the  routers  lack  the  capacity  to  do 
resource-heavy  authentication  and  encryp¬ 
tion  while  managing  such  large  numbers 
of  connections,  and  because  peering  ex¬ 
poses  routing  services  and  leaves  the  net¬ 
work  routers  vulnerable  to  attacks, the  com¬ 
pany  says. 

Reliability  also  suffers  because  the  fail¬ 
ure  of  even  one  TCP  connection  leads  to 
the  exchange  of  large  routing  tables, caus¬ 
ing  large-scale  ripple  effects  across  the 
network. 

The  company’s  BGP  transport  alternative 
is  BST,  which  transmits  information  using  a 
technique  known  as  flooding.  Instead  of  a 
message  being  sent  from  an  originating 
router  to  every  other  router  in  the  network, 
it  is  sent  only  to  the  first  router’s  immediate 
“neighbor”  routers,  which  in  turn  send  it  to 
their  neighbors,  and  so  on. 

BST  requires  significantly  fewer  connec¬ 
tions  than  TCP  so  a  network  can  scale  to  a 
much  greater  size  with  minimal  concern 
for  connection  loss, security  breaches, slow 


By  embracing  GMPLS,”  [INCP]  fits  into  the 
way  vendors  and  carriers  look  at  network 
management,”  says  David  Krozier,  an  ana¬ 
lyst  with  RHK.  But  because  GMPLS  is  still 
developing,  interoperability  is  uncertain. 

“There  [have]  become  islands  of  man¬ 
agement,  and  everybody’s  system  only 
operates  by  itself,”  Krozier  says. 

An  overarching  software  like  INCP  inter¬ 
facing  with  enough  vendors’  gear  can  help 
resolve  and  connect  these  islands. 

“If  you  had  this  in  your  whole  network, 
this  would  improve  performance,”  he  says. 

INCP  automatically  discovers  equipment 
in  providers’  networks  and  creates  an  inven¬ 
tory  of  what  resources  are  used  and  what 
resources  are  available.Such  inventories  are 
a  long-standing  shortcoming  of  service 
providers,  Krozier  says. 

“Carriers  want  to  get  a  system  in  place  so 
what’s  written  in  their  records  matches 
what’s  in  place  in  the  network,”  he  says. 

The  company  says  the  price  of  INCP  starts 
in  the  six  figures  and  is  based  on  the  num¬ 
ber  of  network  elements  being  managed.lt 
is  available  now.  ■ 


convergence  times  and  configuration  com¬ 
plexity  Packet  Design  says. 

BST  can  be  used  between  route  proces¬ 
sors  in  a  single  router,  between  routers  in  a 
point  of  presence,  between  POPs  in  an 
autonomous  network,  or  between  auton¬ 
omous  networks. 

Packet  Design’s  BST  reference  implemen¬ 
tation  will  be  available  next  month.  Pricing 
includes  an  initial  license  fee  starting  at 
$100,000  plus  a  per-device  royalty  which  is 
based  on  volume. 

Packet  Design:  www.packetdesign.com 
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gigabit  switches  for  example.  Most  manufacturers 
models.  NETGEAR  has  a  wide  choice  including  wl 
offers:  unmanaged  switches  with  16  and  24,  along 
all  gigabit  ports. 


to  2000  Mbps  per  port  in  full-duplex  mode,  10  times  faster 
Ethernet.  Which  means,  multimedia,  image  and  video  files 
— or  giga-up — and  go.  And  they'll  arrive  safely. 
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Dell'Oro  Group  Ethernet  Switch  report  published  February  1 
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■  AN  INSIDE  LOOK  AT  THE 
TECHNOLOGIES  AND  STANDARDS 
SHAPING  YOUR  NETWORK 


DifF-Serv  provides  quality  of  service 


■  BY  PETER  PAWLITA 

The  three  primary  benefits  of  converged 
networks  are  cost-effectiveness,  scalable 
support  for  voice  and  datastreams  on  a 
single  infrastructure,  and  reduced  man¬ 
agement  costs. 

However,  a  converged  network  requires 
a  quality-of-service  (QoS)  capability  that 
ensures  each  application  running  on  the 
network  is  allocated  the  bandwidth  it 
needs  to  meet  service-level  agreements. 

Standards-setting  bodies,  such  as  the  In¬ 
ternet  Engineering  Task  Force,  have  strug¬ 
gled  with  the  best  way  to  achieve  QoS.  One 
standard  is  Resource  Reservation  Protocol 
(RSVP),  but  it  does  not  scale  well  and 
hasn’t  been  accepted  widely  The  Differen¬ 
tiated  Services  (Diff-Serv)  standard,  pub¬ 
lished  in  December  1998  (RFC  2474  and 
2475)  for  Layer  3  of  the  International 
Standards  Organization  model,  has  be¬ 
come  much  more  successful. 

Unlike  RSVP  Diff-Serv  requires  no  indi¬ 
vidual  per-flow  specifications  and  no  sig¬ 
naling.  Diff-Serv  works  by  segmenting  IP 
packets  into  a  small  number  of  forwarding 
“classes.”  It  uses  the  upper  six  bits  in  the 
type-of-service  byte  in  the  IP  header  of 
each  packet,  plus  two  bits  currently  un¬ 
used,  to  classify  priority  via  “code  points.” 
These  code  points,  the  so-called  Dif- 


Got  great  ideas 


■  Network  World  is  looking  for  great 
ideas  for  future  Tech  Updates.  If  you’ve 
got  one  and  want  to  contribute  it  to  a 
future  issue,  contact  Features  Editor 
Neal  Weinberg  (nweinberg®  nww.com). 


Diff-Serv  for  QoS 

Differentiated  Services  lets  companies  set  up  end-to-end  quality 
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Endpoints,  such  as  phones  orWindows  clients, 
can  mark  traffic  by  entering  code  point  values 
to  the  beginning  of  the  traffic  flow. 

t-mail  might  be 
marked  as  “best 
effort,"  the  lowest 
priority. 

WAH  router 


LAN  (remote  site) 


If  congestion  occurs,  data  packets 
are  dropped  and  voice  packets  are 
sent  through. 


ferentiated  Services  code  points  (DSCP), 
create  a  class-of-service  (CoS)  system  that 
eliminates  scalability  limitations,  complex 
policy  statements  and  management  prob¬ 
lems  of  other  QoS  standards. 

Each  DSCP  code  point  value  is  mapped 
to  a  defined  per-hop-behavior  (PHB)  iden¬ 
tification  code.  PHBs  specify  the  packet-for¬ 
warding  priorities  in  routers  or  other  net¬ 
work  devices.These  standard  PHBs  are: 

•  Expedited  forwarding,  delivering  the 
highest  QoS  level,  is  assigned  one  code 
point  defining  minimized  delay  and  jitter. 

•  Assured  forwarding  comprises  four 
classes  and  three  drop-precedences  within 
each  class  (for  a  total  of  12  code  points), 


Diff-Serv-enabled  router  forwards 
packets  based  on  class  of  service, 
as  indicated  by  code  points. 


each  defining  a  different  “drop  priority”  for 
dropping  a  packet  during  congestion  peri- 
ods.The  higher  the  drop  priority, the  sooner 
they  are  dropped.  For  example,  video  pack¬ 
ets  are  likely  to  have  higher  drop  priorities 
than  voice  packets  because  video  frames 
are  permanently  repeated. 

•  The  default,  or  “best  effort,”  PHB  is  as¬ 
signed  a  code  point  000000,  but  other  code 
points  can  be  mapped  to  this  setting. 

The  Diff-Serv  standard  is  somewhat  un¬ 
derspecified:  It  allows  many  possible  im¬ 
plementations  of  assured  forwarding  and 
lacks  a  definition  for  how  the  service  guar¬ 
antee  for  expedited  forwarding  is 
achieved.  As  a  result,  instead  of  a  standard 


method  for  forwarding  packets,  multiple 
algorithms  exist,  including  priority  queu¬ 
ing,  weighted  fair  queuing  and  weighted 
random  early  detection. 

End-to-end  QoS  requires  that  any  packet¬ 
forwarding  device  supports  Diff-Serv. 
Virtually  all  new  routers  are  Diff-Serv- 
enabled  and  have  dedicated  traffic-man¬ 
agement  appliances.  Also,  end  systems 
such  as  telephones  or  Windows  clients  and 
servers  can  mark  the  traffic  by  entering 
DSCP  values.  (Note  that  LAN  devices  must 
support  both  Layer  2  prioritization  [like 
IEEE  802.1D/Q]  and  Layer  3  prioritization 
[Diff-Serv].) 

Today  Diff-Serv  is  the  most  widely  accept¬ 
ed  QoS  mechanism  in  enterprise  networks. 

It  has  proven  to  be  scalable,  is 
supported  by  many  devices  and 
represents  a  well-balanced  com¬ 
promise  between  QoS  effort  and 
results.  A  best  practice  QoS  solu¬ 
tion  for  multisite  networks  com¬ 
bines  traffic  marking  in  end  sys¬ 
tems,  moderate  overprovision¬ 
ing  and  Diff-Serv  in  the  LANs,  plus  focusing 
on  managing  the  traffic,  based  partially  on 
DSCP  marking,  at  converged  WAN  links  be¬ 
tween  sites.These  are  usually  the  most  crit¬ 
ical  segments  of  enterprise  networks. 

Although  Diff-Serv  is  not  a  complete 
answer  to  all  QoS  issues,  it  is  a  critical  step 
in  achieving  this  long-term  objective.  By  let¬ 
ting  companies  segment  traffic  by  media 
type  (voice,  video), data  type  or  even  appli¬ 
cation  (enterprise  resource  planning,  ac¬ 
counting,  and  the  like.),  Diff-Serv  opens  the 
door  to  enterprisewide  QoS. 

Pawlita  is  director  of  IP  strategy  at 
Siemens  ICN.  He  can  be  reached  at 
Peter  Pawlita@icn.  siemens,  de. 


Voice  traffic 
might  be  marked 
as  “assured 
forwarding,"  a 
higher  priority. 


Dr.  Internet 


By  Steve  Blass 


Can  you  get  a  Web  browser's  media  access  con¬ 
trol  address  from  a  Web  server?  It  would  proba¬ 
bly  be  impractical  to  send  an  Address  Resolution 
Protocol  request. 

ARP  would  be  blocked  at  the  router  local  to  the 
Web  server  because  it  is  a  broadcast  protocol.  To 
retrieve  the  MAC  address  of  a  browser  machine, 
you  need  to  have  the  browser  collect  and  return 
operating-system-level  information  to  the  server. 
This  violates  most  browser-based  active  content 


security  models,  although  there  are  methods  in 
the  Microsoft  environment  for  getting  system-level 
network  information  from  the  inetmib.dll  the  way 
IPConfig  and  WinIPConfig  do,  and  through 
NetBIOS  and  COM  system  calls. 

The  problem  is  making  such  system  calls  from 
the  browser.  ActiveX  components  such  as  View¬ 
point  (www.nwfusion,  DocFinder:  2933)  collect  sys¬ 
tem  information  remotely  over  the  'Net,  but  these 
often  require  client  software  installation.  If  a  site 
visitor  installs  downloaded  software  from  you, 


then  you  can  deliver  a  program  that  sends 
IPConfig  output  to  me  Web  server.  You  also  might 
be  able  to  obtain  the  MAC  address  from  Windows 
machines  without  asking  the  user,  by  exploiting 
the  fact  that  COM  will  include  the  system  MAC 
address  as  part  of  identifiers  it  creates  (see 
DocFinder:  2934). 

Blass  is  a  network  architect  at  Change®) 
Work  in  Houston.  He  can  be  reached  at 
dr.internet@changeatwork.com. 
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Way  back  in  the  mists  of  time  (2001 
to  be  exact)  we  dissected  FTP  in  a 
series  of  columns  (www.nwfusion 
.com,  Doc  Finder:  2939). 

Now  FTP  is  jolly  good  stuff,  but  in  an 
enterprise  environment  it  has  a  few  draw¬ 
backs.  FTP  requires  specific  routing 
through  firewalls  and  most  FTP  products 
require  additional  software  and  subsys¬ 
tems  for  encryption,  authentication, 
scheduling  and  auditing.  The  bottom  line 
is  that  it  is  hard  to  tightly  integrate  FTP 
with  enterprise  services.  Thus  Netsilica 
EPN  was  forged. 

Netsilica  EPN  (Enterprise  Private  Net¬ 
work)  is  a  product  from  Netsilica  that 
enables  data  transfers  for  intranet  and 
extranet  enterprise  environments  without 
requiring  architectural  changes  to  the  net¬ 
work,  without  adding  hardware  and  with 
minimal  management  overhead. 

At  its  core  is  the  Netsilica  EPN  server  — 
which  appears  to  be  a  modified  Web 


Better  than  FTP! 

server  —  which  mediates  secure  HTTP 
(HTTPS)  file  transfers  between  “source 
clients”  (computers  that  act  as  data 
stores)  and  end  users  using  Web 
browsers  or  other  source  clients. 

EPN  conducts  client  ID  validation 
through  add-on  authentication  modules. 
Current  modules  include  support  for 
Microsoft  Active  Directory  Services  (ADS), 
Microsoft  NT  domains,  F1ADIUS  and  Light¬ 
weight  Directory  Access  Protocol  (LDAP)- 
compliant  systems. 

The  beauty  of  using  browsers  as  end¬ 
points  for  file  up-  or  downloading  is  that 
all  major  browsers  support  HTTPS,  no 
client  installation  is  needed  and  end-user 
training  is  minimal.  And  because  HTTPS  is 
used,  all  transfers  are  secure.  So,  as  long  as 
HTTP/HTTPS  access  is  enabled  across 
and/or  out  of  the  network,  no  modifica¬ 
tions  are  required  to  firewalls,  proxy 
servers  and  routers. 

The  source  client  software  is  a  small  pro¬ 
gram  that  lets  you  select  which  local  dri¬ 
ves  on  a  computer  are  available  for  access 
through  the  EPN  server  (the  source  com¬ 
puter  can  be  a  mainframe,  PC  server  or 
desktop  machine). 

We  found  a  bug  in  the  source  client 
application:  You  can’t  select  a  subdirec¬ 
tory  marked  as  a  Windows  shared  Web 


GEARHEADSCORECARD 


Product:  Netsilica  EPN 


Functionality . 

. A 

Overall  grade 

Elegance . 

....B 

A 

Value  for  money.... 

....A 

A- 

Vendor:  Netsilica 

www.netsilica.com 


directory  even  if  the  subdirectory  is  on  a 
local  drive. 

Another  minor  issue  is  that  if  you 
select  a  subdirectory  to  be  shared,  you 
can’t  set  it  to  be  the  effective  root  (in 
other  words,  it  can’t  be  aliased).  Thus 
the  entire  path  from  the  root  of  the  drive 
down  to  the  subdirectory  to  be  shared  is 
visible  to  clients  even  if  the  content  in 
the  other  subdirectories  in  the  path  are 
not  visible. 

Performance  was  good,  and  the  server 
optionally  can  compress  the  data  files  on 
the  fly  to  improve  throughput  for  com¬ 
pressible  content.  And  because  of  the 
closed  and  therefore  controlled  nature  of 
the  system,  access  control  and  auditing 
are  easy 

A  great  feature  is  the  ability  to  integrate 
with  Outlook  or  Notes.  Then,  when  you 


www.nwfusion.com 


use  a  browser  to  connect  with  the  source 
client  through  the  EPN  server,  there’s  a 
tab  on  the  home  page  for  Microsoft 
Outlook  or  Lotus  Notes  that  takes  you  to 
a  page  that  shows  the  facilities  of  the 
application. 

We  tried  to  access  an  Outlook  client 
and  were  impressed  to  be  able  to 
browse  and  modify  the  calendar  and 
send  and  receive  mail  from  across  the 
country  But  there  are  some  minor  limita¬ 
tions,  including  access  to  contact  data 
because  of  the  bandwidth  impact,  and 
Notes  whiteboards  are  not  supported. 

The  system  is  supported  through  native 
code  on  Windows  and  Linux  and  through 
Java  on  Macintosh  and  anything  else  that 
supports  Java. 

A  typical  EPN  system  with  five  twin- 
processor  servers,  100  desktop  source 
clients,  ADS  authentication  and  Outlook 
support  would  cost  about  $16,000  to 
$20,000  plus  20%  annual  maintenance 
(that’s  around  $160  to  $200  per  user  plus 
maintenance). 

There  is  more  to  this  product  that  we 
haven’t  covered  but  the  bottom  line  is  that 
this  is  a  killer  enterprise  solution. 

Large-scale  enthusiasm  to  gearhead@ 
gibbs.com. 


Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


Got  Ethernet?  Add  a  wireless  bridge 


Ethernet  is  moving  beyond  the  realm  of  notebooks 
and  PDAs,  as  more  devices  gain  Ethernet  ports  to 
access  the  Internet.  The  network  is  moving  from 
home  offices  into  the  living  room  as  home  audio  equip¬ 
ment,  video  equipment  and  video  game  consoles 
enter  the  Internet-connected  arena. 

If  your  house  is  wired  with  Category  5  cabling, 
you  don’t  really  have  a  problem,  as  you  can  just 
plug  in  the  devices  to  the  Ethernet  port  on  the 
wall.  For  the  rest  of  us,  getting  these  devices  con¬ 
nected  raises  some  issues.  Sure,  you  could  get  out 
the  Cat  5  cables  and  run  them  around  the 
house.  But  the  easier  answer  is  wireless  (if 
you  already  have  a  wireless  network). 

Vendors  are  recognizing  this  and  have 
come  out  with  wireless  Ethernet  bridge 
equipment  that  lets  you  connect  Ether¬ 
net-enabled  devices  to  the  Internet.  We 
recently  came  across  two  such  devices, 
the  Linksys  WET11  ($106)  and  D-Link 
Systems’  DWL-810  ($129).  While  you  can  use 
these  bridges  to  connect  an  Ethernet- 
euabled  computer  to  a  wireless  network, 
they  will  find  more  traction  connecting  to 
noncomputer  Ethernet  devices.  After  all,  for 
computers  there  are  alternatives,  such  as 
USD-enabled  adapters  (for  desktops)  and  PC  Card 
adapters  (for  notebooks). 

The  Ethernet  bridges  we  tested  were  small  boxes  that 


included  an  antenna  (the  Linksys  bridge  antenna  screws 
in,  the  D-Link  antenna  comes  preconnected  to  the  box), 
an  Ethernet  port  and  a  power  adapter. 

Before  connecting  the  bridge  to  an  Ethernet-enabled 
device, you  have  to  configure  the  bridge  to  recognize  your 
wireless  network. The  devices  differ  slightly  in  this  config¬ 
uration  part,  and  your  patience  with  this  process  might 
determine  which  bridge  you  choose. 

The  Linksys  bridge  requires  you  to  connect  directly  to  a 
computer,  hub,  router  or  switch.  Because  we  had  a  Linksys 
home  gateway  we  connected  this  way  The  WET1 1  also  has 
a  flip  switch  that  tells  the  bridge  whether  it’s  connected  to 
a  hub/router  or  the  actual  Ethernet  device.  When  we  fin¬ 
ished  configuring  the  bridge,  we  couldn’t  get  it  to  work  un¬ 
til  we  remembered  to  flip  the  switch.  After  you’re  connected 
to  the  hub/router/switch,  you  insert  a  CD-ROM 
and  a  quick  installation  program  lets  you 
change  the  configuration  of  the 
bridge  to  match  your  wire 
less  network.Then  it’s  a  quick 
reboot  and  you’re  ready  to 
connect  to  your  Ethernet- 
enabled  device. 

The  D-Link  bridge  had  no 
switches  to  flip,  and  there 
was  no  CD-ROM  installation 
program.  Instead,  we  had  to 
connect  a  computer  to  the  bridge 
with  a  crossover  cable.  Then  we 
had  to  reconfigure  our  computer 
to  give  it  a  static  IP  address  that 
matched  (on  the  same  subnet) 
the  IP  address  of  the  bridge.  After  connecting  to  the  Web 
server  on  the  D-Link  bridge,  we  could  change  the  settings 
to  tell  the  bridge  the  name  of  our  wireless  network  and 


D-Link's  DWL-810  bridge  connects  to 
a  computer  via  a  crossover  cable. 


change  the  Dynamic  Host  Configuration  Protocol 
settings  to  let  our  router  assign  it  a  dynamic  IP 
address.We  had  issues  with  both  installation 
methods,  so  the  final  choice  about  which  bridge 
to  go  with  depends  on  the  router/switch  you  have. 

After  configuring  the  bridge,  it’s  an  easy  matter 
of  connecting  it  to  an  Ethernet-enabled  device, 
and  powering  up  the  device  and  bridge  to  con¬ 
nect  to  the  Internet.  We’ve  had  success  with  the 
Turtle  Beach  Audiotron  audio  player,  the  Philips 
MC  i200  Streamium  audio  player,  and 
our  Sonicblue  replayTV  4500 
personal  video 
recorder. 


Linksys'  WET11  bridge  con¬ 
nects  directly  to  a  computer's 
hub,  router  or  switch. 


The 
obvious 
market  for 
these  devices 
are  the  Xbox  video  game 
console  and  the  Sony 
Playstation  2  with  its  new  network  adapter. 

If  my  editors  will  let  me  expense  the  Xbox,  we’re  going  to 
try  that. 

Each  product  gets  a  thumbs  up,  for  saving  me  a  ton  of 
money  because  1  didn’t  have  to  go  to  Home  Depot  and 
extend  my  wired  network  to  the  living  room. 

Shaw  can  be  reached  at  kshaw@nww.com. 
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.Core- >o- Edge  Enterprise  Solutions; 


If  You  Had  Just  Saved  $120,000 
Your  First  Month,  You'c  Be 
Smirking,  Too. 


When  BlueCross  BlueShield  of  Tennessee 


set  out  to  build  a  SAN,  they  were  looking 
for  far  more  than  just  a  vendor.  They 
were  looking  for  a  partner,  which  is 
precisely  what  they  found  in  McDATA. 
What  we  uniquely  had  to  offer  was  a 
complete  solution  that  encompassed 
hardware,  software,  and  more  importantly, 
long-term  strategic  thinking. 


"It  goes  beyond  McDATA  having  the 
finest  SAN  hardware  and  software 


products  on  the  market;  what  was  key 
was  the  partnership  we  formed. " 


Bob  Venable 


Manager  of  Enterprise  Systems 


HI  iK ‘Ci  ■'OSS  Hhuf 
of  Tennessee 


The  results  were  even  greater  than 
imagined.  Using  our  SANavigator 
software,  BlueCross  BlueShield  of 
Tennessee  saved  an  astonishing  $120,000 
the  first  month  alone.  They  grew  their 
business  by  15%,  at  the  same  time 
improving  their  corporate  efficiency  by 
30%.  And  now  the  firm  is  able  to  manage 
46  terabytes  of  data  and  over  4,000  users 
with  just  four  part-time  administrators. 


Just  like  we  did  for  BlueCross  BlueShield 


of  Tennessee,  McDATA  could  help  you  save 
a  lot  of  green,  too.  So  give  us  a  call  or  visit 


our  website. 


1.800.545.5773 

www.mcdata.com/nww 
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Opinions 


www.nwfusion.com 


Face-off 


Are  Weblogs  legitimate 
business  tools? 


Two  industry  insiders  debate  whether  blogs  have  the  potential  to  transform  business. 


YES,  by  Bill  Keaggy 


sing  Weblogs  in  your  business  environment  can  increase  employee  commu¬ 
nication  and  knowledge,  save  time  and  resources,  and  build  reputation  and 
confidence.We’re  not  talking  server  logs  here;  the  Weblogs  we’re  talking  about 
are  topical,  frequently  updated  Web  pages  powered  by  knowledgeable  con¬ 
tributors.  Drop  the  notion  of  blogs  as  vanity  sites  for  high  school  diarists  and 
time-wasting  black  holes  made  by  wannabe  writers.  Blogs  can  be  anything.  It’s  up  to  you 
to  make  them  useful. 

You  might  pass  along  a  useful  Web  site  or  an  article  to  friends  and  co-workers  via  e-mail. 
And  your  colleagues  might  do  the  same. The  good  part  is  that’s  a  lot  of  distributed  knowl- 
edge.The  bad  part  is  there’s  no  organization  or  centralization  of  the  knowledge. 

You  and  your  colleagues  could  be  posting  that  information  to  a  company  blog.  Then 
everyone  would  have  a  filtered  repository  that  was  constantly  updated  with  relevant  arti¬ 
cles  and  opinions.  It  would  be  archived,  searchable  and  available  anywhere  you  had  an 
Internet  connection.  It  could  even  be  categorized  by  topic,  date  and/or  author.  And  it 
could  be  formatted  for  XML  syndication,  e-mail  delivery,  PDAs,  even  cell  phones. 

I  maintain  two  blogs  at  my  company  Both  are  valuable  to  my  co-workers,  but  it  goes 
beyond  that.  One,  which  links  to  business  resources  on  the  Web,  is  proving  to  be  valuable 
to  our  customers.  The  other,  which  links  to  information  design  and  visual  thinking 
resources,  is  considered  essential  to  students  and  professionals  in  fields  similar  to  ours. 

These  blogs  are  not  only  knowledge  builders,  they’re  reputation  builders.  Since  1999,  a 
targeted  audience  from  all  over  the  world  has  visited  my  company’s  Web  site  to  read  the 
latest  postings.  With  help  from  some  contributors  and  other  blogs,  we’ve  filtered  the  best 
resources  on  the  Web  for  our  employees,  our  customers  and  our  industry 

One  of  the  biggest  complaints  in  the  business  world  is  “too  much  e-mail.”  E-mail  is  cru¬ 
cial,  but  individuals  don’t  sort,  save  or  delete  it  in  the  same  way  This  makes  sharing  and 
retrieval  of  information  difficult  in  large  corporate  environments.  A  blog  ensures  that  no 
messages  get  deleted  or  lost. 

A  blog  can  keep  everyone  up  to  date  on  projects  without  clogging  in-boxes.  It 
also  can  provide  an  archive  of  mistakes  and  milestones  that  could  be  shared 
with  other  teams  undertaking  similar  projects. 

You  could  be  using  blogs  in  many  ways:  as  internal  and/or  external  com¬ 
pany  blogs  filled  with  competitor,  industry  and/or  company  news;  crisis 
management,  product  and  sales  updates;  Web  resources;  network  informa¬ 
tion;  and  resources  for  customers. 

To  learn  more  about  the  potential  of  using  blogs  in  business  environ- 
1 1  “i  its,  visit  www.nwfusion.com,  DocFinders:  2930  and  2931. 


JOHN  ABBOTT 


NO,  by  Mark  Hurst 


Keaggy  is  brand  manager  at  XPLANE,  a  St.  Louis,  Mo.,  business 
communications  company.  He  can  be  reached  at  bkeaggy@ 

xplane.com. 


More  online! 

Log  on  to  Network  World  Fusion  to  voice  your  opinion. 
Face-oFf  authors  Bill  Keaggy  and  Mark  Hurst  will  add 
their  thoughts  to  the  discussion. 

DocFinder  2921 


hile  Weblogs  are  an  increasingly  popular  tool,  they’re  not  nearly  as 
transformative  as  some  people  think.  Based  on  my  three  years  of 
writing  “Good  Experience,”  a  newsletter  and  blog,  the  blog 
has  limited  value  as  a  business  tool.  I  will  grant  that  blogs  are  here  to  stay 
because  they  make  it  easy  for  almost  anyone  to  publish  online.  But  most 
blogs  are  just  that:  random  people  posting  their  random  opinions,  for  anyone  who  cares 
to  read  them.  Many  blogs  dispense  trivia  from  the  author’s  personal  life  —  pets,  friends, 
favorite  TV  shows  —  while  others  are  somewhat  more  intelligent,  discussing  books,  arti¬ 
cles  and  other  blogs. There  are  thousands  of  blogs  out  there,  making  it  a  constant  ques¬ 
tion  of  what  (if  anything)  is  worth  reading  day  to  day. 

This  reality  doesn’t  match  the  recent  hype  about  blogs.  Some  proponents  have  sug¬ 
gested  that  blogs  will  transform  the  corporate  world  by  ushering  in  an  era  of  openness. 
Get  the  engineer  to  write  his  honest  thoughts  about  the  product  in  his  blog,  and  he’ll 
bypass  those  marketing  pinheads  to  deliver  the  truth  straight  to  the  customer. 

So  far,  it  hasn’t  happened  like  that.  There  are  a  few  blogs  aimed  at  a  business  audi¬ 
ence,  but  they’re  written  mainly  by  technology  journalists  and  commentators  looking 
for  a  venue,  free  of  any  editors,  in  which  to  publish  their  views.  This  is  an  interesting 
development  for  journalism,  but  it’s  limited  in  scope  (how  many  journalists  have  the 
time  and  interest  to  write  a  second  column?)  and,  of  course,  limited  to  journalists. 
There’s  little  effect  on  the  corporation. 

There’s  nothing  inherent  in  blog  technology  that  will  transform  a  business.  A  page 
of  online  posts,  sorted  reverse  chronologically,  just  doesn’t  by  itself  change  a  corpo¬ 
ration.  If  anything,  the  blog  is  inherently  less  effective  than  a  more  popular  tool  that 
companies  have  used  for  years:  the  e-mail  newsletter. 

As  with  other  Internet-based  tools,  ease  of  use  determines  the  winner.  Newsletters 
come  straight  to  the  user’s  in-box,  while  blogs  require  users  to  remember  a  URL  and 
take  the  initiative  to  go  to  the  page. 

Proponents  also  claim  blogs  can  create  a  community  of  people  interested  in 
a  particular  topic.  Once  again,  the  blog  is  trumped  by  an  older,  established 
tool:  Usenet.  These  online  discussion  groups,  which  have  been  in  use 
since  the  birth  of  the  ’Net,  are  not  dependent  on  one  author  making 
updates,  and  now  are  searchable  on  Google. 

How  can  blogs  compete? 

True  believers  of  blogs  have  forgotten  the  lesson  of  the  past  two  years: 
Don’t  overstate  the  potential  of  a  new  technology,  especially  when  it  has 
“Web”  in  its  name.  I  am  trying  to  be  a  bit  more  realistic. 


Hurst  is  founder  of  Creative  Good,  a  New  York  Internet  consul¬ 
tancy,  and  writes  the  “ Good  Experience  ”  newsletter  (goodexperi 
ence.com).  He  can  be  reached  at  mark@creativegood.com. 


HOW  DO  YOU  IMPROVE  YOUR 
E-BUSINESS  EFFECTIVENESS? 


When  you  test  Web  performance,  what  you  really  want  to  know 
is  how  the  Web  is  affecting  your  bottom  line.That's  where 
Keynote  Systems  can  help. 

At  Keynote,  we  know  something  about  performance.  We  have  been 
benchmarking  the  world's  leading  Web  sites  for  nearly  a  decade. 
All  that  expertise  goes  into  Keynote's  performance  testing  services 
to  help  you  measure  the  effectiveness  of  your  e-business. 

Keynote  offers  services  to  help  you  test  every  aspect  of  your 
e-business,  including  scalability,  capacity,  user  experience,  and 
content  integrity.  Our  performance  testing  services  give  you  a 
360-degree  perspective  of  your  e-business  effectiveness. 

It's  the  least  you  can  expect  from 
the  Internet  Performance  Authority®. 

To  find  out  how  Keynote  testing  services  can  improve 
performance,  save  you  money,  and  increase  your  e-business 
effectiveness,  call  1 -800-KEYNOTE  (800-539-6683), 
or  go  to  www.keynote.com/nww 


IMPROVING  THE  QUALITY  OF  E-BUSINESS  WORLDWIDE. 


H KEYNOTE 

The  Internet  Performance  Authority 


©  2002  Keynote  Systems,  Inc.  Keynote  and  the  Keynote  logo  are  registered  trademarks  of  Keynote  Systems,  Inc.  All  rights  reserved. 


irkWoPid 

11/04/02 

EDITORIAL 

John  Dix 

Turning  the 
security  lens 
on  storage 


The  Storage  Networking  World  conference  in 

Orlando  last  week  was  bustling  with  scores  of  ven¬ 
dors  and  buyers  talking  about  everything  from  stor¬ 
age  security  to  storage  resource  management. 

In  fact,SRM  —  the  ability  to  centrally  manage  and  pro¬ 
vision  multivendor,  multitechnology  storage  resources  — 
seems  to  have  eclipsed  virtualization  as  the  Holy  Grail  of 
storage.  But  vendors  define  SRM  differently, so  it  will  be 
some  time  before  we  can  agree  on  an  end  point  and 
start  to  map  out  how  to  get  there. 

I  was  at  the  show  —  sponsored  by  sister  publication 
Computerworld  in  conjunction  with  the  Storage  Net¬ 
working  Industry  Association  (SNIA)  —  to  chair  a  vendor 
panel  on  storage  security  As  storage  resources  are  net¬ 
worked  and  we  adopt  technologies  such  as  iSCSI  to 
move  storage  data  around  IP  networks,  sometimes  over 
distance,  it  becomes  clear  we  need  to  start  adopting  tra¬ 
ditional  network  security  thinking. 

I  asked  the  panel  —  which  included  representatives 
from  Decru.Iron  Mountain,  Kasten  Chase,  Nortel  and 
Vormetric  —  if  storage  is  a  feature  or  a  product. 

Bill  Schroeder,  president  and  CEO  of  Vormetric,  argued 
that  storage  security  is  complex  so  it  is  best  addressed  in 
stand-alone  products  offered  by  companies  like  his  that 
are  focused  on  the  task.  Maybe  with  time  it  gets  absorbed 
into  other  products,  he  said. 

While  you  would  expect  him  to  say  that,  Dan  Avida, 
president  and  CEO  of  Decru,  pointed  out  that  everyone 
thought  Check  Point  Software  wouldn’t  get  off  the 
ground  because  of  Cisco,  but  look  at  it  today.'The  need 
for  high  performance  dictates  use  of  stand-alone  prod¬ 
ucts,”  he  said. 

Asked  whether  it  was  more  important  to  secure  primary 
or  secondary  storage  —  given  secondary  is  often  trans¬ 
ported  and  sometimes  ends  up  off  site  —  Avida  argued 
for  primary“If  you  encrypt  that,  everything  you  back  up 
will  already  be  secured.” 

But  some  of  the  panelists  said  you  don’t  need  to  secure 
everything.  Focus  on  the  applications  that  are  the  most 
sensitive. 

There  was  some  disagreement  about  key  management. 
Schroeder  said  it  isn’t  much  of  an  issue  because  the  sys¬ 
tems  use  the  same  key  in  the  encryption  process  as  they 
dr,  in  decryption.  But  Avida  says  that  key  rotation  was 
important, You  want  to  make  sure  your  key  management 
'  stein  can  unlock  data  that  has  been  locked  away 
for  years. 

ii  nothing  else,  the  panel  highlighted  that  storage  security 
i  >  an  emerging  and  important  field  that  deserves  study. 
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opinions! 


VoIP  views 

Regarding  “Quality  question  remains  for  VoIP” 
(www.nwfusion.com,  DocFinder:  2924):  This  past 
year  I  rolled  out  a  new,  1 ,000-phone  PBX.  I  consid¬ 
ered  voice  over  IP  briefly  but  decided  that  it  wasn’t 
ready  for  prime  time,  for  the  following  reasons: 

•  Up  time:  Our  phones  need  to  be  up  24-7;  most 
networks  are  not.  Don’t  rely  on  a  transport  layer  to 
support  phones  that  is  not  as  reliable  as  what  you 
require. 

•  Converged  infrastructure:  This  sounds  great,  but 
what  if  you  are  on  the  phone  and  a  denial-of-service 
attack  is  launched  against  anything  in  the  path  of 
the  call?  Phone  traffic  has  no  business  on  the  data 
network  unless  it  is  very  low-priority  traffic, or  it  is  too 
expensive  to  run  a  second  network  to  a  location. 

•  Price:  VoIP  equipment  still  costs  at  least  five 
times  as  much  as  analog  equipment,  and  probably 
two  to  three  times  as  much  as  digital  equipment.  If 
your  telephone  cable  plant  is  in  place,  why  not  use 
it  rather  than  pay  someone  to  pull  it  out? 

•  Maturation  of  equipment:  As  far  as  I  could  find, 
there  is  no  interoperability  of  different  brands  of  sys¬ 
tems.  Sure,  you  can  call  a  phone  by  a  different  ven¬ 
dor,  but  the  bells  and  whistles  that  end  users  come 
to  expect  don’t  generally  work  across  brands.  Once 
this  problem  is  straightened  out,  VoIP  has  a  much 
better  shot  at  taking  off. 

Our  break-even  point  for  the  new  PBX  is  a  little 
more  than  two  years.  After  that,  it’s  free.The  difficulty 
with  VoIP  might  be  taken  care  of  before  we  have  to 
replace  our  switch  again;  only  time  will  tell. 

Patrick  Horne 

Network  manager,  Computer  Science  Department 

University  of  Texas 
Austin 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  Editor  In 
Chief,  Network  World,  1 18  Turnpike  Road,  Southborough,  MA  01 772. 
Please  include  phone  number  and  address  for  verification. 


After  reading  “Quality  question  remains  forVoIR’I 
feel  it  necessary  to  clarify  the  statement  that  “The 
result  of  latency  is  jitter, which  can  cause  an  IP  voice 
conversation  to  break  up.”  The  variation  in  latency 
on  a  data  network  is  what  results  in  jitter,  not  the 
actual  delay  itself.  Jitter  buffers  on  most  VoIP  prod¬ 
ucts  are  dynamic,  meaning  they  resize  themselves 
according  to  conditions  on  the  data  network.  If  the 
delay  is  relatively  constant,  the  buffers  don’t  need  to 
work  as  hard,  and  voice  quality  doesn’t  suffer  as 
much.  Under  these  circumstances,  as  long  as  the 
total  delay  doesn’t  exceed  a  customer’s  budget,  jitter 
doesn’t  contribute  as  much  to  VoIP  quality  as  other 
network  factors. 

On  the  other  hand,  as  most  IP  networks  aren’t  man¬ 
aged  with  comprehensive  quality-of-service  (QoS) 
policies,  the  variation  in  delay  can  be  dramatic,  and 
therefore  damaging  to  VoIP  streams.  QoS  policies 
aren’t  enforced  to  just  reduce  delay,  but  to  limit  the 
variation  in  that  delay  Delay  isn’t  the  only  cause  of 
poor-quality  VoIP  conversations.  There  are  other  fac¬ 
tors  involved. 

Jeffrey  Coomans 
Emerging  technology  consultant 
NextiraOne 
Tempe.Ariz. 

What  I  never  see  mentioned  is  the  old  adage  about 
putting  all  of  your  eggs  in  one  basket.  In  the  1980s, 
those  of  us  on  the  voice  side  were  trying  to  convince 
customers  to  run  data  through  the  PBX.  But  end 
users  feared  that  if  the  PBX  went  down,  they  would 
lose  all  communication,  both  voice  and  data.  Now  it 
seems  that  no  one  is  too  worried  about  this.The  PBX 
has  proved  to  be  a  much  more  stable  platform  than 
the  network.  It  might  be  less  expensive  to  go  with  an 
IP  solution,  but  is  it  worth  the  instability?  The  best 
solution, at  this  point,  might  be  to  use  a  combination 
of  these  two  platforms. 

Mike  Dineen 
Rochester,  N.  Y 


—  John  Dix 
Editor  in  chief 
jdix@nww.  com 
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STRATEGY  SESSION 

Jeff  Kaplan 

Given  the  economic  climate,  it’s  not  sur¬ 
prising  that  IT  executives  are  looking 
for  ways  to  do  more  with  less.  When  it 
comes  to  their  existing  IT  operations,  the 
mantra  of  the  day  is  consolidation  and  stan¬ 
dardization.  Yet,  few  IT  organizations  have  the  expertise,  experience 
or  objectivity  to  downsize  their  IT  systems. 

It  wasn’t  long  ago  that  IT  departments  were  scurrying  to  keep  pace 
with  extraordinary  growth.  Basking  in  the  glow  of  the  potential  for  the 
Internet  and  e-commerce  to  transform  how  companies  did  business,  IT 
departments  stockpiled  PCs,  servers  and  storage. 

Times  have  changed.  Cap  Gemini  Ernst  &  Young  estimates  that  there 
is  40%  more  computing  equipment  and  software  in  the  U.S.than  is  nec¬ 
essary  to  run  today’s  economy  Meta  Group  expects  IT  spending  to  drop 
3%  this  year  and  possibly  fall  another  5%  in  2003. 

Now  IT  departments  are  grappling  with  how  to  cut  back.  Many  of 
these  organizations  lack  systems  and  applications  performance  statis¬ 
tics  to  determine  how  well  their  operations  support  their  needs.  Others 
lack  in-house  skills  to  interpret  and  extrapolate  the  statistics.  Even  with 
the  right  tools  to  generate  statistics  and  the  right  skills  to  interpret  this 
data,  few  companies  have  a  corporate  policy  and  procedure  for  objec¬ 
tively  evaluating  their  IT  computing  and  application  needs. 

IT  consulting  companies  are  attempting  to  fill  this  void.  These  firms 
also  benefited  from  the  Internet  boom  and  have  suffered  from  its  col¬ 
lapse.  As  a  result,  their  number  has  dropped  significantly  Their  focus 


Managing  IT  contraction 


also  has  shifted  from  promoting  new  economy  theories  to  providing 
practical  help  increasing  the  business  value  of  IT. 

Gartner’s  recent  Symposium  Conference  reinforced  the  timeliness  of 
this  shift.The  most  popular  sessions  examined  best  practices  for  prior¬ 
itizing  and  measuring  the  return  on  investment  of  IT  initiatives.  While 
attendees  were  pleased  with  the  attention  this  issue  received,  many 
were  frustrated  about  the  lack  of  solid  steps  offered  to  be  successful. 

A  variety  of  IT  consulting  firms  are  seeking  to  supply  the  road  map 
and  the  personnel  to  execute  clients’  consolidation  and  standardiza¬ 
tion  plans.  IT  decision-makers  should  evaluate  potential  consultants 
based  on  three  criteria:  depth  of  expertise  and  experience  working 
with  the  technology  and  applications  already  installed  in  your  envi¬ 
ronment;  structure  and  flexibility  of  consultants’  service  delivery 
methodology;  and  ability  to  quantify  performance  improvements  of 
new  operations  and  verify  their  effectiveness  by  providing  strong 
client  references. 

Most  importantly,  IT  decision-makers  should  be  mindful  of  the  bias  of 
their  consulting  company  If  you  are  relying  on  the  consulting  arm  of  an 
IT  vendor,  beware  of  consolidation  and  standardization  strategies  that 
favor  their  equipment  orsoftware.To  be  safe,  when  it  comes  to  consol¬ 
idation  and  standardization  initiatives,  getting  a  vendor-independent 
opinion  is  the  best  strategy 


IT  consulting 
firms  are  seeking 
to  supply  the 
road  map ...  to 
execute  clients' 
consolidation 
and  standardiza¬ 
tion  plans. 


Kaplan  is  managing  director  of  THINKstrategies,  a  consultancy  in 
Wellesley,  Mass.  He  can  be  reached  at  jkaplan@thinkstrategies.com. 


SPEAKING  THE  LANGUAGE 

Linda  Musthaler 


s  a  network  executive,  you  want  to  be 
responsive  to  your  users’  needs.  Those 
l  users  might  include  people  with  disabil¬ 
ities  —  the  temporary  or  permanent  loss  of  a 
major  life  function,  such  as  mobility  sight,  hearing  or  cognitive  ability 
In  recent  years,  technology  vendors  have  gone  to  great  lengths  to 
make  their  products  “accessible.”  Accessibility  means  the  product  can 
be  used  or  adapted  for  use  by  people  with  disabilities.Take  the  com¬ 
mon  modern-day  PC.  Almost  every  PC  coming  off  the  assembly  line 
today  has  accessibility  features.  Switches,  buttons  and  plugs  are  often  in 
the  front  of  a  machine  so  that  a  person  with  limited  mobility  can  reach 
them.  Keyboards  have  raised  bumps  on  the  F  and  J  keys  so  that  a  per¬ 
son  with  limited  sight  can  find  the  home  row  of  keys.  The  buttons  are 
concave  to  support  limited  dexterity  accessibility 
Accessibility  extends  beyond  hardware  and  into  software.  Windows 
XPin  particular,  is  noted  for  its  accessibility  features.You  can  adjust  the 
operating  system’s  settings  to  make  screen  readers  work  better. You  can 
get  visual  warnings  for  system  sounds.  You  can  make  the  keyboard 
ignore  inadvertently  repeated  keystrokes.  These  features  are  important 
to  someone  with  limited  sight,  hearing  or  dexterity  respectively 
Hardware  and  software  vendors  aren’t  entirely  altruistic  in  their  moti¬ 
vations.  In  1998,  the  federal  government  strengthened  a  law  called  the 
Rehabilitation  Act. Section  508  of  the  newly  enhanced  law  requires  that 
when  federal  agencies  develop,  procure,  maintain  or  use  electronic 
and  information  technology,  they  must  ensure  that  it  is  accessible  to 
people  with  disabilities  unless  it  would  pose  an  undue  burden  to  do 
so.That  means  any  hardware  or  software  vendor  that  wants  to  sell  to  the 
federal  government  must  ensure  that  products  comply  with  the  law. 
Many  state  and  local  governments  also  follow  the  guidelines. 

Because  the  government  market  is  a  hefty  one  for  technology  firms, 
most  vendors  have  chosen  to  adapt  their  products.  The  adaptations, 
such  as  the  bumps  on  the  keyboards,  are  nonintrusive,  and  in  many 
cases  provide  benefit  to  people  without  disabilities.  (Ever  try  to  use 
your  laptop  on  a  dimly  lit  plane?  Those  bumps  help  you  to  quickly  find 
the  right  keys.) 


Accessibility  helps  everyone 


Beyond  simple  accessibility  assistive  technology  is  an  add-on  pro¬ 
gram  or  device  that  vastly  enhances  the  functionality  of  the  PC  and  the 
effectiveness  of  the  user.  Products  include  things  such  as  screen  read¬ 
ers,  which  are  software  programs  that  provide  graphics  and  text  as 
speech;  Braille  embossers,  which  transfer  computer-generated  text  into 
embossed  Braille  output;  and  alternative  input  devices,  which  let  indi¬ 
viduals  control  their  computers  through  a  means  other  than  a  standard 
keyboard  or  pointing  device. 

Products  of  all  sorts  help  people  with  limited  vision,  hearing,  dexter¬ 
ity  mobility  and  cognitive  ability  A  user  would  select  a  program  or 
device  based  on  his  specific  needs.  With  the  right  assistive  technology 
in  place,  a  person’s  disability  becomes  irrelevant  in  his  ability  to  per¬ 
form  a  job. 

Web  sites  also  should  be  designed  with  disabled  users  in  mind.There 
are  legal  challenges  in  the  courts  right  now  that  should  prompt  all  Web 
developers  to  make  sites  fully  accessible.  The  World  Wide  Web  Con¬ 
sortium  has  published  guidelines  for  this  purpose  (visit  www. 
w3c.org/wai/).  Further,  there  are  numerous  tools  and  utilities  that  help 
you  develop  and  test  accessible  code  (see  www.webable.com).  Mak¬ 
ing  your  Web  site  and  Web-enabled  applications  fully  accessible  makes 
good  sense,  as  it  only  expands  the  community  of  people  who  can  fully 
utilize  your  site  or  application. 

If  this  topic  interests  you,  please  read  my  series  on  accessibility  in  IT 
in  the  Technology  Executive  newsletters  online  at  www.nwfusion.com, 
DocFinder:  2927.  For  more  information  on  assistive  technology,  visit  The 
Assistive  Technology  Industry  Association  at  www.atia.org.  Search  for 
various  types  of  assistive  technologies  at  www.abledata.com. 

If  you  have  people  with  disabilities  in  your  user  or  customer  commu¬ 
nity  —  and  statistics  show  that  you  probably  do  —  give  them  the  IT 
tools  they  need  to  fully  and  productively  use  your  network  or  Web 
resources.  In  return,  you’ll  be  rewarded  with  some  of  the  most  loyal 
employees  and  customers  you’ll  ever  have. 


Assistive  technol¬ 
ogy .. .  vastly 
enhances  the 
functionality  of 
the  PC  and  the 
effectiveness  of 
the  user. 


Musthaler  is  nice  president  of  Currid  &  Company,  a  technology 
assessment  firm  in  Houston.  She  can  be  reached  at  linda@currid.com. 
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You’re  in  a  conference  room  in  New  York 
and  you  need  to  get  in  touch  with  Bob  in  Los 
Angeles.  You  don’t  know  if  Bob  is  in  his 
::  office,  on  the  road  or  in  a  meeting,  so  you 
don’t  know  the  best  way  to  reach  him. 

But  what  if  you  could  launch  your  Windows 
Messenger  application,  click  on  Bob’s  name 
in  your  buddy  list  and  immediately  discover 
Bob’s  “presence”?  He  is  in  his  office  and  can 
be  reached  by  instant  message  or  phone. 

You  decide  to  call  Bob,  so  you  click  the 
voice-call  option  on  your  screen  and  start  a 
conversation  via  Messenger’s  built-in,  PC-to- 
PC  voice  technology.  As  you’re  talking,  Bob 
suggests  that  you  add  Sue  to  the  call,  so  you 
check  for  her  presence  and  see  she’s  avail¬ 
able  by  voice  and  videoconference. 

With  a  few  more  mouse  clicks,  you  create  a 
three-way  conversation:  you  and  Sue  sharing 
a  videoconference,  with  Bob  hooked  in  over 
his  voice  link. 


Of  course,  presence-based,  real-time, 
multimedia  communication  like  this 
hasn’t  arrived  at  the  enterprise  yet,  but 
it’s  not  that  far  off  either. 

One  key  driver  is  that  Microsoft  has 
bundled  its  Messenger  client  into 
Windows  XP.  And  the  latest  version  of 
Messenger  supports  Session  Initiation 
Protocol  (SIP),  an  Internet  Engineering 
Task  Force  (IETF)  standard  for  interactive 
communication  sessions  between  users. 

That  means  as  XP  is  rolled  out  across 
enterprise  desktops,  end  users  will  have  a 
built-in,  standards-based  client  capable  of 
talking  to  other  SIP-based  devices,  be  they 
phones,  gateways,  servers  or  PBXs. 

But  simply  having  Windows  Messenger 
clients  is  only  half  the  equation.  That  will 
give  you  basic,  point  to  point,  voice  or 
video  communication  between  two  people 
on  an  enterprise  network. 

If  you  want  the  full  breadth  of  features, 
such  as  multiparty  conferencing,  clicking 
on  a  name  in  your  buddy  list  to  place  a  call, 
dragging  and  dropping  names  from  an  Out¬ 
look  folder  to  an  icon  on  your  desktop  and 
starting  a  telephone  call,  then  an  applica¬ 
tion  server  or  a  SlP-sawy  IP  PBX  is  needed. 

If  you  can  wait,  Microsoft  recently  annou¬ 
nced  that  it  will  be  moving  instant  messag¬ 
ing  features  from  its  Exchange  e-mail  server 
to  a  new  server,  code-named  Greenwich, 
which  will  be  part  of  the  .Net  server  family. 
Estimated  ship  date  is  June  2003. 

In  addition  vendors  with  very  different 
backgrounds  are  offering  or  have 
announced  products  that  piggyback  on  the 
Messenger  client,  with  more  expected  to 
jump  on  the  band wagon  in  the  next  year. 

•  From  the  voice  side,  eDial,  a 
Waltham,  Mass.,  company  that  spe¬ 
cializes  in  audioconferencing,  is 
shipping  an  appliance  that  con¬ 
verts  SIP  to  other  common  IP 
protocols  as  well  as  legacy  tele¬ 


phony  protocols,  and  provides  interfaces 
to  existing  services. 

With  an  eDial  Communication  Server, 
users  can  do  online  directory  dialing  from 
Outlook  using  the  Windows  Messenger 
SIP  stack,  click  on  a  link  in  a  Web  cus¬ 
tomer  support  page  to  speak  with  a  per¬ 
son,  and  create  an  instant,  multiparty, 
multiprotocol  audioconference. 

•  Israeli  videoconferencing  vendor 
VCON  has  added  a  SIP  proxy  to  its  MXM 
3.0  application  server  and  gatekeeper  for 
H.323  rich  media  conferencing. 

Anyone  running  Messenger  who  is  regis¬ 
tered  with  an  MXM  server  can  establish 
SIP-to-SIP  calls  through  the  MXM  direc¬ 
tory  interface,  receive  a  video  call  from  a 
SIP  video-enabled  client  (another 
Windows  Messenger  user)  on  the  corpo¬ 
rate  network,  forward  a  call  to  another 
party  registered  on  the  MXM  server  and 
benefit  from  MXM’s  other  centralized 
management  and  video  PBX  services. 

“We  don’t  believe  companies  should 
have  to  wait  to  choose  between  one  pro¬ 
tocol  or  the  other  at  this  point  in  time,” 
says  Gordon  Daugherty,  president  of 
VCON,  Inc.  “With  the  MXM’s  SIP  support, 
the  IT  manager  can  establish  each  SIP 
client’s  maximum  and  minimum  band¬ 
width  allocation,  assign  permissions,  such 
as  use  of  gateway  or  conferencing 
resources,  monitor  call  status,  and,  if 
needed,  establish  calls  between  two  or 
more  SIP  parties  remotely.” 

The  MXM  administrator  also  can  use 
the  server  to  review  Call  Detail  Records 
of  SIP  as  well  as  H.323  clients  on  all  com¬ 
pleted  calls.  The  MXM  license  fee  runs 
$100  to  $300  per  user. 

•  On  the  IP  PBX  side,  Sphere  Commun¬ 
ications  expects  to  release  enhancements 
to  its  Sphericall  server  next  year  that 
offer  Messenger  users  a  highly  converged 
yet  flexible  phone-PC  experience. 


Bandwidth  requirement 

The  rule  of  thumb  is  that  for  a  fully 
interactive,  business-like  meeting 
each  user  must  have  a  stable 
(never  less  than)  200K  bit/sec 
connection  with  never  more  than 
400  ms  of  latency  end  to  end. 


******  »  •,-■  "A  (  -  -  -•,•-  -.V  —  <  ,;  '  ,  -  >— 


13s  Bob 


Questions  for  your  vendor 


1.  What  type  of  security  mechanisms  will 
there  be  to  authenticate  users  and  to 
protect  data? 

2.  What  type  of  management  tools  will  I 
have  to  monitor  and  control  the  system? 

3.  What  type  of  archiving  system  will  be  set 
up  to  store  and  retrieve  instant  messages? 

4.  How  much  user  training  will  I  need? 

5.  How  much  staff  time  will  be  required  to 
run  the  system? 

6.  What  is  the  extent  of  the  costs,  including 
things  like  desktop  video  cameras  and 
microphones. 


The  final  caveat 

Despite  the  potentially  feature-rich  user 
experience,  Messenger-based  communica¬ 
tion  faces  formidable  challenges  in  the 
enterprise. 

In  other  words,  network  execs  aren’t 
likely  to  turn  on  new  features  until  they  are 
satisfied  that  these  SIP-aware  products  and 
services  offer  sufficient  security,  archiving 
and  control  of  network  resources. 


The  Sphericall  IP  PBX  will  treat  any 
Messenger  client  as  any  other  IP  phone  on 
the  network.  Once  registered  with  MSN  Mes¬ 
senger  and  the  Sphericall  services,  a  new 
menu  appears  on  the  Messenger  interface. 

Users  will  be  able  to  use  their  mouse  to 
transfer  a  call  from  their  Messenger  inter¬ 
face  to  a  telephone  or  to  a  SIP  user  on  their 
buddy  list.A  call  also  can  be  transferred  by 
entering  a  third  party’s  phone  number  into 
a  dialog  box.  Since  presence  is  integral  to 
the  instant-messenge  interface,  users  will 
know  if  the  other  party  is  available. 

A  Messenger  user  can  choose  to  place  a 
call  with  any  device  (IP  phone  or  an  IP  call 
through  a  gateway)  or  to  bring  in  another 
person  from  the  directory  or  buddy  list. 
Also,  if  a  Messenger  user  receives  a  call 
from  another  Sphericall  registered  IP 
phone,  a  box  pops  up  on  the  PC  telling 
him  who  is  calling  on  his  desk  phone. 

Users  also  can  specify  what  the  server 
should  do  (call  forward  to  attendant  or 
call  forward  to  the  messaging  system)  if  a 
Messenger  client  fails  to  answer  a  call 
after  a  defined  number  of  rings.  The 
Sphericall  software  runs  on  Windows 
servers  and  is  available  for  approximately 
$  150/seat  without  public  switched  tele¬ 
phone  network  hardware  interfaces  for 
gateway  services. 

•  From  the  Web-based  collaboration 
angle,  First  Virtual  Communications 
announced  that  its  Conference  Server  will 
support  establishment  of  multiprotocol, 
multiparty  voice  and  video  sessions, 
including  SIP,  H.323-compliant  clients  and 
FVC’s  proprietary  Web  client,  through 
Internet  Explorer  5.5  or  later. 

At  a  recent  Microsoft  press  event,  FVC 
demonstrated  that  when  peered  with  a  SIP 
registration  server,  such  as  Microsoft’s 
upcoming  real-time  communications  ser¬ 


ver,  Greenwich,  its  Conference  a 

Server  could  include  a  Win-  ■ 

dows  Messenger  client  in  a 
Web-based  conference  and,  M 

from  the  Click  to  Meet  graphical  % 
user  interface,  initiate  sharing 
services  between  participants  and  ^ 
the  server. 

Similarly,  Latitude  Communica¬ 
tions,  which  specializes  in  voice  and 
Web  conferencing,  is  partnering  with 
videoconferencing  hardware  vendor 
Radvision  to  expand  its  existing 
MeetingPlace  platform  to  support 
Messenger. 

When  users  have  MeetingPlace  privileges 
and  their  network  manager  installs  the 
upcoming  support  for  SIP,  a  new  tab  will 
appear  on  their  Messenger  interface.  The 
MeetingPlace  tab  will  display  the  user’s 
previously  scheduled  meetings,  offer  ac¬ 
cess  to  the  server’s  resources  for  schedul¬ 
ing  future  meetings  or  instantly  establish¬ 
ing  a  MeetingPlace  data  and  voice  session. 
With  a  Radvision  multipoint  conferencing 
unit,  the  meeting  also  can  include  SIP 
video-enabled  participants. 


Percy  is  president  of  Perey  Research  and  Con¬ 
sulting  in  Placerville,  Calif.,  and  a  member  of  the 
Network  World  Global  Test  Alliance.  She  can 
be  reached  at  cperey@perey.com. 
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Gigabit  intrusion- 
detection  systems 


Tests  show 

network  IDS 
products  have 
a  ways  to  go  to 
get  accurate 
detection  at 
gigabit  speeds 
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n  our  tests  of  five  leading  network  intrusion-detection  systems  and  the  popu¬ 
lar  open  source  Snort,  performance  was  spotty  during  baseline  testing  and 
degraded  by  as  much  as  50%  on  some  products  when  we  opened  the  throttle 
to  gigabit  speeds. 

Our  first  step  was  to  run  28  well-known  attacks  against  each  product  in  an  untuned 
state  on  a  wire  that  had  no  other  traffic  running  on  it.  Most  products  detected  only 
about  half  the  attacks. 


When  the  systems  were  tuned,  most  products  caught  an  additional  two  or  three 
attacks,  but  still  missed  a  good  number  of  them. 

IntruVert’s  IntruShield  4000  was  a  bright  spot.  It  detected  the  greatest  number  of 
attacks  in  every  test  (see  the  performance  chart,  below),  and  wins  the  Network  World 
Blue  Ribbon  Award.  A  newcomer  to  this  market,  IntruShield  is  a  well-designed,  and 
feature-rich. 

Internet  Security  Systems’  RealSecure  Gigabit  Network  Sensor  Version  7.0  didn’t 
detect  as  many  attacks  as  IntruVert’s  product  overall,  (16  out  of  28  at  baseline  with 
no  tuning  and  25  with  tuning),  but  deserves  the  runner-up  prize  because  its  ability 
to  detect  attacks  did  not  change  at  gigabit  speeds.The  other  three  commercial  prod¬ 
ucts  tested  at  Miercom’s  lab  facility  in  Princeton  Junction,  N.J.,  were  Dragon  IDS 
Server  Appliance  and  Dragon  IDS  Sensor  Appliance;  Intrusion’s  (formerly  Intrusion 
.com)  SecureNet;  and,  Symantec’s  (formerly  Recourse)  ManHunt  Version  2. 11.  We 
also  tested  the  open  source  package,  Snort  on  Acid. 

Performance  tests 

Our  primary  focus  was  to  determine  how  well  these  products  performed  under  a 
gigabit  traffic  load,  which  was  970M  bit/sec  in  our  tests.  We  ran  the  tests  at  slightly  less 
than  a  full  gigabit  load  to  ensure  that  the  link  was  not  overutilized  and  all  our  attacks 
could  get  through  (see  How  we  did  it,www.nwfusion.com,DocFinder:2929). 

In  our  baseline  tests  with  no  traffic,  we  did  not  tune  the  systems  in  any  way,  but  we 
did  turn  on  all  signatures  and  protocol  anomalies.  We  delivered  28  attacks  to  each 
system,  including  commonly  known  denial-of-service,  surveillance  and  probe 
attacks,  and  attacks,  such  as  Stick  and  Fragrouter,  designed  to  evade  an  IDS  system 
(see  Attack  List,  DocFinder:  2928). 

IntruShield  4000  detected  the  highest  number  of  attacks  —  24  out  of  28.  Dragon, 
RealSecure  and  Snort  each  caught  16  of  the  28  attacks.  ManHunt  detected  14  attacks, 
and  SecureNet  caught  11. 

A  key  factor  in  IntruVert’s  strong  showing  is  a  good  implementation  of  signature- 
based  attack  detection  (in  which  packets’  contents  are  compared  against  a  database 
of  known  attack  patterns), and  protocol  anomaly  detection  (PAD)  (in  which  the  prod¬ 
uct  verifies  that  a  traffic  flow  is  not  violating  its  defined  protocol  —  signaling  suspi¬ 
cious  activity).  Except  for  Snort,  all  the  products  supported  both  techniques,  but 
IntruVert  married  the  two  technologies  especially  well. 


Overall,  the  products  caught  about  half  the  attacks. What  accounts  for  this  lackluster 
showing  on  a  nontuned  system  is  that  some  vendors  turn  off  signatures  to  heighten 
performance.  Vendors  also  make  this  trade-off  so  that  administrators  are  not  over¬ 
whelmed  by  the  many  false-positive  alarms  they  receive  before  systems  are  tuned  (see 
review,  DocFinder:  3038). 

The  extent  of  an  IDS’s  signature  database  also  is  a  factor. The  more  attack  signatures 
a  product  supports,  the  better  its  rate  of  detection  without  system  tuning.  For  example, 
although  ManHunt  supports  a  signature  database  and  PAD,  it  relies  more  on  the  latter. 
If  an  exploit  or  attack  follows  protocol  then  it’s  not  detected  unless  the  product  has  a 
signature  to  catch  it.  ManHunt  supports  a  small  signature  database  and  doesn’t  do  as 
well  in  this  type  of  test. 

We  next  ran  the  set  of  attacks  that  each  product  detected  at  baseline  traffic  levels 
against  these  still  untuned  products,  but  filled  the  pipe.  RealSecure  caught  16  out  of 
the  16  attacks,  ManHunt  caught  13  out  of  14  attacks,  and  IntruShield  4000  caught  21 
out  of  24  attacks.  Dragon  and  Snort  had  the  poorest  overall  showing,  catching  only  3 
out  of  16  attacks  and  6  out  of  16  attacks,  respectively 

Tuning  helps,  but  not  much 

This  same  set  of  tests  was  conducted  again  on  tuned  systems.Tuning  meant  that  the 
vendor  could  tweak  any  signature  code  included  in  the  product’s  database  to  let  it 
catch  or  identify  an  attack  correctly  The  vendor  could  change  User  Datagram  Protocol 
(UDP)  toTCRor  vice  versa  to  catch  a  Back  Orifice  attack.  Or  it  might  decrease  thresh¬ 
olds  for  the  number  of  TCP  connects  to  catch  an  NMAP  attack.  It  also  might  turn  off 
processor-intensive  engines, signatures  and  features  to  enhance  performance. 

Some  products  were  tuned  in  an  hour;  some  took  much  longer.  How  familiar  the 
vendor’s  technical  representative  is  with  the  system  and  tuning  it  plays  an  important 
role  —  something  end  users  should  consider. What  type  of  assistance  does  the  vendor 
provide  for  system  tuning  is  a  good  question  to  ask. 

Vendors  were  not  allowed  to  add  new  signatures  to  a  database,  customize  existing 
signatures  or  download  signatures  from  the  Snort  database  to  use  during  testing.  In 
a  customer  deployment,  customers  presumably  would  take  advantage  of  all  of  these 
tuning  options.  We  did  not  allow  this  to  happen  in  the  lab  because  we  would  then 
be  assessing  how  well  a  vendor’s  on-site  technician  could  tune  a  system  rather  than 
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Summary  of  Gigabit  IDS  performance 

Our  analysis  was  based  on  28  attacks  delivered  in  four  tests  —  baseline  tests  with  no  traffic  and  tests  at  970M  bit/sec  on  untuned  and  tuned  systems. 
If  an  IDS  did  not  detect  an  attack  in  our  baseline  tests,  the  attack  was  not  included  in  the  tests  conducted  with  a  970M  bit/sec  traffic  load. 


Detection  results  on  untuned  systems 

Detection  results  on  tuned  systems 
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evaluating  gigabit  performance,  which 
was  our  intent. 

Overall,  tuning  helped  the  products  de¬ 
tect  a  few  more  attacks,  but  the  increase 
was  not  dramatic.  At  baseline  traffic  levels 
and  tuned,  the  IntruShield  4000  caught  all 
28  attacks.  RealSecure  benefited  the  most 
from  tuning,  detecting  25  out  of  28  attacks 
—  compared  with  only  16  without  tuning. 
Snort  improved  from  16  to  18  and  Dragon 
went  from  16  to  17.Tuning  had  no  effect  on 
ManHunt,  which  detected  14  attacks  in 
both  rounds. 

When  we  threw  gigabit  traffic  at  these 
tuned  boxes,  again  using  only  attacks  the 
boxes  could  catch  at  baseline, RealSecure 
caught  25  of  25  attacks  delivered  at  giga¬ 
bit.  IntruShield  4000  caught  27  out  of  the 
full  28.  ManHunt  caught  the  same  number 
of  attacks  (13  out  of  14)  it  had  on  an 
untuned  system. 

SecureNet’s  performance  was  much  im¬ 
proved  by  tuning.  In  the  baseline  tests  on  a 
untuned  system,  SecureNet  caught  only 
four  out  of  1 1  attacks  at  gigabit  speeds,  but 
caught  14  out  of  15  attacks  when  tuned. 

Dragon  and  Snort  showed  some  im¬ 
provement  on  a  tuned  system.  Dragon  and 


Snort  each  caught  eight  attacks  (out  of  17 
and  18  baseline  attacks,  respectively).  All 
the  attacks  used  in  these  tests  were  legacy 
(no  variants),  and  these  systems  should 
have  been  able  to  detect  them.  But  many 
products  missed  common  attacks  —  most 
often  because  a  signature  was  not  correct¬ 
ly  written  or  absent  from  the  product’s  sig¬ 
nature  database  altogether. 

All  the  vendors  let  customers  add  their 
own  signatures  to  the  IDS  database  and  all 
provide  signature  customization  to  im¬ 
prove  performance.  But  based  on  these  re¬ 
sults,  it’s  clear  that  good  attack-detection 
rates  require  significant  time  and  tuning 
to  achieve. 

Management 

While  the  focus  of  this  review  was  on  per¬ 
formance,  we  also  assessed  management 
applications  on  the  products,  observing 
them  under  heavy  load. 

A  Web-based  management  graphical 
user  interface  (GUI), supported  on  Dragon 
and  IntruShield  4000,  allows  management 
of  the  product  from  any  venue.  On  the 
Dragon,  having  the  Web-based  manage¬ 
ment  and  event  viewer  on  the  same  Web 
page  also  facilitates  interacting  with 
the  device. 

But  the  Dragon’s  management  applica¬ 


tion  had  some  downsides.  We  couldn’t 
easily  clear  real-time  events  from  the 
screen  after  they  were  viewed,  and  “push¬ 
ing”  the  configuration  out  to  the  devices 
was  unintuitive,  requiring  that  we  com¬ 
plete  several  steps  on  multiple  screens. 

The  IntruShield  4000’s  Java-enabled 
Web-based  GUI  is  intuitive,  logically 
designed  and  clean. The  product  supports 
informative  graphics  for  about  anything 
we  wanted  to  track,  producing  them  was 
easy  —  just  a  click  on  a  “graph”  button  and 
they  were  delivered  automatically 

SecureNet  had  the  best  drill-down 
granularity,  giving  users  the  ability  to  sort 
events  via  an  event  tree  they  create.  How¬ 
ever,  using  three  different  tools  to  manage 
the  SecureNet  sensor  cumbersome,  and 
many  of  the  applications  have  a  different 
look  and  feel,  which  affected  ease  of  use. 

A  key  feature  on  RealSecure  was  the  dis¬ 
play  of  packet  data  that  the  IDS  tags  as  sus¬ 
pect  on  the  top-level  event  description. 
Other  products  did  this,  but  not  on  the 
main  screen.  RealSecure  also  provided 
good  icons  and  visual  alerts  to  denote  the 
priority  of  alarms. 

Setting  up  and  managing  Snort  is  not  for 
the  technically  challenged.  Snort  runs 
with  a  variety  of  other  packages  —  a  plus 
—  but  many  of  those  might  not  work  eas¬ 
ily  with  one  another,  so  familiarity  with 
applications  such  as  My  SQL  and  Apache 


Web  server,  and  Unix,  are  highly  recom¬ 
mended.  Extensive  documentation  and 
installation  instructions  exist  on  the 
Internet  for  Snort  (go  to  www. snort.org), 
but  you’ll  need  to  search  around  to  find 
the  appropriate  tools  to  get  this  product 
up  and  running. 

We  ran  Snort  on  Acid,  a  free,  open 
source  event  viewer.  Searching  through 
events  on  Acid  was  powerful,  but  not  intu¬ 
itive  (we  had  to  search  using  SQL  syntax), 
and  there  are  many  search  options  with 
which  to  work.  Acid  is  for  event  viewing 
only;  all  parameter  and  configuration 
changes  were  done  through  the  com¬ 
mand  line. 

Because  Snort  is  based  on  open  source 
code,  it  is  highly  configurable  and  cus¬ 
tomizable,  but  there  are  no  formal  techni¬ 
cal  resources  on  which  to  rely  when  using 
this  product  (and  no  one  to  blame  if 
things  go  awry). There  are  companies  that 
provide  Snort  tech  support  commercially 
which  you  might  want  to  consider  in  an 
enterprise  environment. 

ManHunt’s  GUI  was  the  easiest  to  use, 
and  although  it  lacked  the  granularity  of 
some  of  the  other  products,  it  got  the  job 
done  and  provided  some  useful  features. 
On  the  down  side,  the  ManHunt  GUI  was 
slow  to  accept  changes  and  provided  no 
indication  they  had  taken  effect. 

See  Gigabit  IDS,  page  50 
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Dragon  IDS  Appliance 
Version  5.0.3;  Dragon  IDS 
Sensor  Appliance 

Company:  Enterasys, 
(603)  332-9400,  www. 
enterasys.com  Price: 
$6,600  for  Dragon  IDS 
Server  Appliance;  $8,400 
for  Dragon  IDS  Sensor 
Appliance.  Pros: 
Management  is  Web- 
based;  quick  installation. 
Cons:  Lack-luster 
performance  under  load; 
nonintuitive  processor 
included  in  management 
GUI;  limited  event  details. 


SecureNet  7145C 

Company:  Intrusion, 
(972)  234-6400,  www. 
intrusion.com  Price: 
$17,000  for  sensor 
appliance;  $1,000  for 
Intrusion  SecureNet 
Provider  management. 
Pros:  Well-designed 
management  GUI;  dual 
power  for  sensor  and 
manager;  good  reporting. 
Cons:  Lackluster  per¬ 
formance  under  load; 
time-consuming  policy 
update;  drops  and  over¬ 
runs  on  SPAN  port. 


IntruShield  4000,  Version 
1.1;  IntruShield  Manager, 
Version  1.1 


Company:  IntruVert 
Networks,  (408)  434-8300, 
www.intruvert.com 
Price:  $100,000  for  Intru¬ 
Shield  4000  sensor 
appliance;  $8,000  for 
IntruShield  Manager. 
Pros:  Very  good  per¬ 
former  under  load;  well- 
designed  and  intuitive 
system;  fully  featured. 
Cons:  Lenghty  signature 
update  process;  Alert- 
Viewer  sluggish  under 
10,000-alert  load;  pricey. 


RealSecure  Gigabit  Network 
Sensor,  Version  7.0; 
RealSecure  Workgroup 
Manager,  Version  6.6 

Company:  Internet 
Security  Systems  Price: 
$25,000  for  RealSecure 
Gigabit  Network  Sensor; 
$2,000  for  RealSecure 
Workgroup  Manager; 
$5,000  for  Maintenance 
for  RealSecure  Gigabit 
Network  Sensor.  Pros: 
Good  performer  under 
load;  quick  policy  up¬ 
dates;  quick  attack  det¬ 
ection  on  tuned  system. 
Cons:  No  event  acknow¬ 
ledgement;  ISS  must 
customize  signatures. 


Snort  on  Acid 

Company:  Available  via 
www.snort.org  Price: 
Open  source.  Pros:  Many 
configuration  options; 
runs  on  a  variety  of 
platforms;  free.  Cons: 
Lengthy  installation 
process;  requires  tech¬ 
nical  expertise  to  set  up 
and  maintain. 


ManHunt  II,  Version  2.11 

Company:  Symantec 
Price:  $50,000  for 
ManHunt  with  1G  bit/sec; 
$6,000  for  Dell  Power- 
Edge  2550  with  gigabit 
support.  Pros:  Excellent 
coalescing  feature;  easy 
to  install;  straightforward 
management  GUI.  Cons: 
Cannot  filter  or  match  on 
display  events;  slow  to 
accept  some  changes. 
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features 

While  all  the  products  support  a  range 
of  features,  including  paging  alerts, 
high  availability  and  integration  with  fire- 
wails,  there  were  a  couple  of  standouts 


in  this  category. 

IntruShield  4000  supports  an  outstanding 
feature  set.  Chief  among  them  is  the 
IntruShield  4000’s  ability  to  “learn”  the  net¬ 
work,  based  on  the  vendors  proprietary 
learning  software,  also  known  as  statistical 
anomaly  analysis.  With  a  solid  view  of  how 
the  network  looks  over  time,  the  product 


can  quickly  detect  when  something  differ¬ 
ent  takes  place. 

ManHunt  supports  an  outstanding  coa¬ 
lescing  feature  that  ties  a  collection  of  con¬ 
nected  events  together.  If  an  IDS  detects 
1 ,500  instances  of  the  same  attack,  it  reports 
it  as  one.  ManHunt’s  coalescing  function 
was  impressive  because  it  can  see  different 
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types  of  attacks  that  are  part  of  the  same 
incident  and  put  them  together. 

We  took  a  brief  look  at  Intrusions  new 
SecureNet  Provider  2.1  —  which  included 
an  enhanced  forensics  tool  that  offered 
several  impressive  data-mining  options. 
This  new  tool  supports  a  “case  files”  appli¬ 
cation  that  lets  you  drag  and  drop  noncon¬ 
tiguous  events  and  ranges  of  events  into 
case  files.  We  could  add  notes,  links  and 
URLs  to  the  case  files  and  also  save  or 
export  them  to  other  applications  for  shar¬ 
ing  the  data,  archiving  or  conducting  fur¬ 
ther  analysis. 

The  IntruShield  4000  also  had  the 
strongest  showing  in  the  configuration  cat¬ 
egory  with  its  support  of  optional,  redun¬ 
dant  hot-swappable  power  supplies  and 
four  redundant  fans. 

A  plus  for  Snort  in  the  configuration  cate¬ 
gory  is  its  ability  to  operate  on  just  about 
any  operating  system.  It  also  supports 
numerous  options  for  logging  events, 
including  multilogging  in  plain  text,syslog, 
MySQL  and  SNMP  traps,  among  others. 

You  get  what  you  pay  for 

Gigabit  IDS  products  have  a  way  to  go 
before  they  offer  full  protection  against 
attacks  without  significant  tuning.  Without 
it,  most  of  these  products  detected  only  half 
of  the  attacks  directed  at  them,  many  of 
which  have  been  around  long  enough  that 
these  systems  should  have  detected  them. 

The  IntruShield  4000  delivered  an  impres¬ 
sive  showing  in  this  review,  but  it  comes 
with  a  hefty  price  tag  —  $108,000  for  the 
system  we  tested,  compared  with  only 
$15,000  for  Dragon  and  $18,000  for 
SecureNet. 

When  you  compare  the  percentage  of  at¬ 
tacks  detected  without  tuning  vs.  total  price 
of  the  IDS  systems  as  tested,  you’ll  find  that 
you  get  what  you  pay  for.  The  higher  the 
price  of  the  system  we  tested,  the  better  the 
overall  attack  detection  rate  without  signif¬ 
icant  tuning  required  and  vice  versa. 

If  you  plan  to  use  a  gigabit  IDS  at  a  criti¬ 
cal,  high-traffic  area  of  the  network,  plan  to 
pay  a  price  —  either  in  the  time  it  will  take 
to  tune  the  system  for  optimal  perfor¬ 
mance  or  in  dollars  to  get  a  product  that 
has  been  engineered  for  high  traffic  loads. 

Yocom  is  editorial  manager,  Birdsali  is  test 
lab  engineer  and  Poletti-Metzel  is  test  lab 
manager  at  Miercom,  a  network  test  lab  and 
consultancy  in  Princeton  Junction,  NJ.  They 
can  be  reached  at  byocom@miercom.com; 
rbirdsall@miercom.com  and  dpoletti@ 
miercom.com. 


Global  Test  Allian 


■  Miercom  is  a  member  of  the  Network 
World  Global  Test  Alliance,  a  cooperative  of 
the  premier  reviewers  in  the  network  in¬ 
dustry,  each  bringing  to  bear  years  of 
practical  experience  on  every  review.  For 
more  Test  Alliance  information,  including 
what  it  takes  to  become  a  member,  go  to 
www.nwfusion.com/alliance. 


How  YOU  DOING  ON  THOSE  QUARTERLY  GOALS? 

When  you  rule  information  instead  of  the  other  way  around,  things  look  up. 
Every  day,  EMC  Automated  Networked  Storage  lets  IT  departments  cut  60 
percent  out  of  per-megabyte  costs,  consolidate  storage  management,  and  triple 
disk  utilization  —  all  at  a  surprisingly  affordable  price.  Which  might  explain 
why  no  one  delivers  more  networked  storage  than  EMC. 


Learn  how  other  companies  did  more  for  less  in  the  EMC  Answers  White  Paper  series  at  EMC.com/ANS 
Maximize  your  automated  networked  storage  knowledge  by  registering  for  monthly  updates  at  EMC.com/insite 
Call  the  experts  and  discuss  how  you  really  can  get  more  for  less  with  EMC  at  1-866-464-7381. 


EMC2 

where  information  lives 


EMC2  and  EMC  are  registered  trademarks  and  where  information  lives  is  a  trademark  of  EMC  Corporation.  ©2002  EMC  Corporation.  All  rights  reserved. 


Self-protection 

Reliance  on  financially  troubled  service  providers  requires  special  contract  care. 


■  BY  MICHAEL  MARTIN 

Negotiating  contracts  with  IT  suppliers  never  has  been  easy,  but 
with  the  economy  in  the  dumps  and  IT  vendors  going  out  of 
business  seemingly  every  day  contract  negotiation  has  become 
even  tougher. 
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Here  are  some  ways  companies  can  save  money  and  protect 
themselves  when  negotiating  contracts: 


1 .  Two  vendors  are  better  than  one. 

Splitting  a  contract  between  multiple  vendors  assures  a  backup  if  one  vendor 
experiences  a  service  outage  or  goes  out  of  business.  You  also  force  the  vendors  to 
compete  with  one  another, 

2.  Keep  an  up-to-date  qualified  vendor  list. 

With  a  large  number  of  vendors  going  out  of  business,  make  sure  to  keep  your 
information  as  current  as  possible. 

3.  Commit  as  little  as  possible  to  any  one  vendor. 

If,  for  example,  your  annual  telecom  budget  is  $6  million,  try  not  to  commit  more 
than  $3  million  to  a  vendor,  so  you  don’t  get  locked  into  a  contract  if  better  options 
become  available. 

4.  Make  sure  you  hear  “no”  from  a  vendor. 

The  more  “no’s"  you  get  the  better.  It  means  you’re  pushing  for  the  best  deal  possible. 


IT  managers  must  now  take  extra  steps 
to  ensure  they  don’t  lose  their  service, 
money  or  other  corporate  assets  to  a 
financially  troubled  partner. 

The  basics 

One  obvious  step  users  can  take  to  pro¬ 
tect  themselves  from  service  outages  is  to 
negotiate  contracts  with  two  or  more  ven¬ 
dors  whenever  possible.  A  company  might 
give  60%  of  its  telecom  contract  to  AT&T 
and  40%  to  WorldCom.  If  one  provider 
experiences  an  outage,  the  customer  can 
switch  traffic  to  the  other  provider. 

But  not  all  techies  feel  it’s  necessary  to 
have  multiple  providers.  William  Horst, 
assistant  regional  administrator  for  the 
Government  Services  Administration 
(GSA)  in  Boston,  says  he  feels  confident 
that  Verizon  isn’t  going  to  fold. 

Horst  says  the  only  thing  that’s  changed 
in  the  GSAs  contracts  with  the  regional 
Beil  operating  company  is  negotiating  for 
more  physical  redundancy  at  sites. 

“Verizon  has  developed  some  expertise 
in  that  area  over  the  past  year;”  he  says.“We 
were  pleasantly  surprised  that  they 
seemed  to  have  their  act  together" 

Brian  Lane,  assistant  vice  president  for 
technology  for  the  American  Hospital 
Association  in  Chicago,  also  relies  on  an 
RBOC  as  the  AHA’s  pre¬ 
ferred  telecom  provider  for 
its  nearly  5,000  hospitals, 
healthcare  systems  and 
care  providers.  But  in  Lane’s 
case,  he  uses  Qwest,  a  com¬ 
pany  that  has  had  a  lot  of 
observers  questioning  its 
financing  and  future. 

Lane  is  confident  Qwest 
will  puli  through.  And  even 
if  Qwest  doesn’t  make  it,  he 
doesn’t  feel  a  need  to  have 
back-up  providers  in  place. 

"When  WorldCom  went 


bankrupt,  some  people  thought  they’d  go 
dead,”  he  says.  “But  that  hasn’t  happened 
at  all.” 

WorldCom  provides  a  good  benchmark 
of  what  big  business  customers  can 
expect  from  an  IT  supplier  if  it  files  for 
bankruptcy 

WorldCom’s  filing  has  affected  contract 
negotiations  in  at  least  a  couple  of  ways, 
says  Hank  Levine,  a  partner  in  Levine, 
Blaszak,  Block  and  Boothby  a  firm  spe¬ 
cializing  in  telecom  contract  negotiations. 

In  the  past,  if  customers  wanted  to  make 
an  alteration  to  a  contract,  WorldCom 
might  have  said  they  couldn’t  make  the 
change,  because  it  didn’t  conform  to  the 
telecom  tariffs  or  service  guide,  Levine  says. 

“Now  they  say  they  can’t  change  it, 
because  the  creditor’s  committee  won’t 
let  them  ”  he  says. 

Very  large  telecom  contracts  might  have 
to  go  before  the  creditor’s  committee,  but 
it’s  highly  unlikely  that  every  contract  will 
go  before  the  committee,  Levine  says. 

If  a  bankrupt  provider  tries  to  use  this 
excuse  on  a  user,  the  customer  might  want 
to  push  the  issue. 

Another  way  WorldCom’s  bankruptcy 
has  affected  contracts  is  that  the  carrier 
has  tried  to  make  new  deals  subject  to 
possible  rejection  at  a  later  date,  Levine 
says. 

When  a  company  is  prepar¬ 
ing  to  leave  bankruptcy,  it  has 
the  right  to  assume  or  reject 
any  end-user  agreement  it 
entered  into  before  the  com¬ 
pany  filed  for  Chapter  11. 

A  company  can  reject  a  con¬ 
tract  it  got  into  before  bank¬ 
ruptcy,  Levine  says.  But  a  con¬ 
tract  signed  after  a  company 
has  filed  for  bankruptcy  must 
be  honored. 

WorldCom  has  tried  to  slip 
language  into  new  contracts, 


renewals  and  extensions  that  would  make 
all  the  new  agreements  subject  to  rejec¬ 
tion,  Levine  says. 

“If  you’re  signing  a  new  deal  with  a 
provider  in  bankruptcy,  one  of  the  first 
things  you  want  to  make  sure  of  is  that  it  is 
a  post-petition  agreement,  so  it  can’t  be 
rejected,”  he  says. 

Hosting  pitfalls 

IT  managers  outsourcing  their  Web  host¬ 
ing  or  applications  hosting  face  serious 
problems  from  bankrupt  suppliers. 

If  a  company’s  data  or  voice  provider 
goes  under,  the  company  can  have  back¬ 
up  providers  in  place  and  quickly  switch 
service  to  the  back-up  provider. 

Setting  up  a  back-up  application  service 
provider  (ASP)  or  hosting  provider  is 
more  difficult  and  in  some  cases  might 
not  be  possible. 

There  are  two  obvious  issues  when  an 
ASP  turns  off  the  lights,  says  James  Kaly- 
vas,  chair  of  the  e-business  and  IT  practice 
at  Chicago  law  firm  Foley  &  Laudner. 

The  first  is  how  a  user  company  keeps 
operating. 

The  second  is  how  the  user  company 


recovers  the  information  it  needs  from  its 
ASP  or  hosting  provider. 

For  a  company  to  get  back  up  and  run¬ 
ning  if  its  ASP  goes  down,  all  it  really  can 
do  is  have  some  kind  of  back-up  plan  in 
place,  Kalyvas  says.  A  company  could 
have  a  secondary  provider  in  mind  to 
which  the  company  could  shift  quickly  in 
the  event  of  an  emergency. 

To  make  sure  a  company  has  all  the 
information  it  needs  to  keep  running,  reg¬ 
ular  data  backups  to  an  off-site  facility  are 
probably  a  good  idea,  Kalyvas  says. 

You  can  also  have  an  ASP  place  the  lat¬ 
est  versions  of  the  software  it  hosts  in  the 
hands  of  a  third  party,  possibly  even 
another  ASP  If  something  happens  to  the 
primary  ASRyou  can  access  any  required 
application. 

A  final  point:  ASP  customers  must  ensure 
that  any  contract  specifies  that  the  cus¬ 
tomer  owns  any  information  the  ASP 
might  be  storing  for  the  customer. 

“Almost  all  ASPs  will  look  to  create 
some  business  out  of  the  data  they  col¬ 
lect,”  Kalyvas  says.  “You  want  to  be  sure 
you’re  not  giving  them  any  sensitive 
information.”  ■ 


More  online! 


Check  out  the  customized  contracts 
companies  have  negotiated  with 
AT&T,  Sprint  and  WorldCom. 

DocFinder:  2932 


Finally  -  the  missing  piece! 


Today’s  ever-growing  data  centers  make  it  harder 
than  ever  to  get  hands-on  control  of  all  your  servers 
and  network  devices.  Now  you  can  have  direct 
access  to  every  device  in  your  data  center  from  any 
location,  all  from  a  single  screen.  Manage  and  maintain 
servers  in  your  local  rack  or  across  the  world. 


Total  system  control  over  analog  or  IP  connection 
means  complete  ‘at  the  computer’  troubleshooting 
from  anywhere. 

Now  it’s  all  falling  into  place.  Avocent’s  advanced 
analog  and  digital  KVM  solutions  -  the  perfect  fit 
for  the  server  room  and  enterprise. 


For  the  complete  picture,  download  a  free  KVM  Tech  Guide  today  at 
www.kvmguide.com  or  call  1  -866-AVOCENT  (286-2368),  ext.  3006. 


Avocenb . 

The  Power  of  Being  There  . 


Avocent,  the  Avocent  logo,  “The  Power  of  Being  There”,  “KVM  over  IP",  DSR,  DSView,  DS1800,  and  CPS  are  trademarks  of 
Avocent  Corporation.  All  other  marks  are  the  property  of  their  respective  owners.  Copyright  ©  2002  Avocent  Corporation. 


the  Hub  of  the  Network  Buy 


Check  your  network  time  synchronization 
now!  Download  the  free  LMCheck.exe 
from  our  web  site  to  check  the  clocks  on 
your  network. 


scy/Enscf 


IF  YOU’RE  STILL  USING  INTERNET  CLOCKS 
TO  RUN  YOUR  NETWORK, 

YOU’RE  LOSING  MORE  THAN  JUST  TIME. 

Time  inconsistencies  in  your  network  can  degrade  performance,  interrupt 
scheduled  operations,  and  create  inaccurate  server  logs.  Keeping  your 
network  tightly  synchronized  is  critical  to  quickly  recover  from  network 
crashes  and  effectively  deal  with  security  intrusions.  Unlike  public  Internet 
clocks  that  are  outside  of  your  firewall  and  can  lose  accuracy  over  WANs, 
TrueTime  Network  Time  Servers  ensure  reliable  network  operations  and 
accurate  log  file  correlation  when  you  need  to  troubleshoot  a  system  failure 
or  security  breach  by  keeping  workstations,  servers,  and  routers  in  sync. 


www.truetime.net 

1.888.367.7966 


Get  reliable,  accurate,  and  secure  synchronization  —  time  after  time 
Cali  us  today  at  1 .888.367.7966  or  visit  www.truetime.net 


There  Is  A  Better  Way  To  Troubleshoot  &  Manage  Your  Network 


Expert 
Oh server 

' 2895 


Observer 

Suite 

*3995 


Observer® — Quickly  identifies  network 
trouble  spots  and  costs  thousands  less  than 
expensive  hardware-based  analyzers. 
Observer  provides  metrics,  capture,  and 
trending  for  both  shared  and  switched 
environments. 

•  Full  packet  capture  and  decode  for  over 
500  protocols,  including  TCP/IP  (v4  &  v6), 
NetBIOS/NetBEUI,  XolP,  SNA,  SQL,  IPX/SPX, 
Appletalk  and  many,  many  more! 

•  Switched  mode  sees  all  ports  on  a  switch 
gathering  statistics  from  an  entire  switch  or 
capture/statistics  from  any  port(s) 

•  Long-term  network  trending  collects 
statistical  data  for  days,  weeks,  months, 
even  years 

•  Real-time  statistics  include  Top  Talkers, 
Bandwidth,  Protocol  Statistics,  and 
Efficiency  History 

•  Ethernet  (10/100/Gigabit),  Token  Ring, 
FDDI,  and  Wireless  802. 1 1 — no  need  to 
purchase  separate  tools 


•  Windows ®  98/Me/NT/2000/XP  compatible 

•  Over  4,000  frame  types  recognized 

Expert  Observer — Identifies  problems  and 
provides  Expert  information  in  plain  English. 

Includes  all  of  the  features  of  Observer  plus 
real-time  and  post-capture  expert  event 
identification  and  analysis — new  SQL  and 
Frame  Relay  experts  add  to  the  many  other 
protocols  covered,  time  synchronization 
technology,  and  modeling  of  network  traffic. 

Observer  Suite — The  ultimate  tool  for 
the  most  demanding  power  user. 

Provides  a  full  complement  of  tools  that 
includes  all  of  the  features  of  Expert 
Observer  plus  SNMP  management,  RMON 
console/Probe  and  Web  reporting.  Includes 
one  remote  Probe. 

If  you  have  any  network  problems,  find 
out  the  cause  with  Observer,  Expert 
Observer,  or  Observer  Suite. 


NifWORK 


Call  800-526-7919  or  visit  us  online  fora  full-featured  evaluation: 

www.NETWORKINSTRUMENTS.com 

US  (952)  932-9899  •  Fax  (952)  932-9545  •  UK  &  Europe  +44  (0)  1959  569880  •  Fax  +44  (0)  1959  569881 

©2002  Network  Instruments,  LLC.  Observer,  “Network  Instruments”  and  the  “N  with  a  dot”  logo  are  registered  trademarks  of  Network  Instruments,  LLC. 
All  other  trademarks  are  property  of  their  respective  owners. 


On-Command  Power  Switching  for  four 
Network  Equipment***  from  Anf where! 


Applications: 

Remote  Power  Management 
X  Servers 

X  Routers  Firewalls  DSU/CSU's 
X  Web  Cams 

Turn  On/Off  any  AC  or  -48VDC 
Powered  equipment  via  telnet, 
modem  or  local  terminal. 

Electronic  equipment  sometimes  "locks- 
up"  requiring  a  service  call  just  to  flip 
the  power  switch  to  do  a  simple  reboot. 
With  WTI  Remote  Power  Switches  you 
have  the  ability  to  perform  this  function 
from  anywhere  on  the  LAN/  WAN,  or  if 
the  network  is  down,  to  simply  dial-in 
from  a  modem  for  out-of-band  control. 

For  over  a  decade  WTI  has  been 
leading  the  way  in  Remote  Power 
Switching  technology  offering  more 
products  choices  for  small  or  large  scale 
remote  management  strategies. 

Our  switches  are  now  installed  in 
thousands  of  sites  world  wide.  Our 
customers  know  they  can  depend  on 
our  superior  quality  and  reliability  for 
their  most  mission-critical  operations. 

Yes,  we  are  customer  friendly! 

X  Two  year  warranty 
X  We  stock  for  same  day  shipment 
X  30  day  return  policy 
X  Start-up  cables  and  rack  ears  included 

Want  an  on-line  demo? 

Just  call  or  e-mail  and  you'll  see  for 
yourself  why  so  many  network 
professionals  choose  WTI. 


EIGHT  PLUG  -  DUAL  BUS 


NPS 

©  Dual  15  Amp  Circuits 
©  Telnet,  lOBaseT  Ethernet 
©  RS232  Console  and  Modem  Ports 
©  User  plus  Admin  Security  Features 
©  115VAC  and  230VAC  Models 


TWO  PLUGS  -  LOW  COST 


©  Two  Addressable  Plugs 
©  Telnet,  lOBaseT  Ethernet 
©  RS232  Console  and  Modem  Ports 
©  1 1 5 VAC  and  230VAC  Models 


©  Manual  on/off  Buttons 


HIGH  CURRENT  -  DUAL  BUS 


NPS-2HD 

©  Ideal  for  CISCO  6500/7500 
©  Dual  20  Amp,  115VAC  Circuits 
©  Telnet,  lOBaseT  Ethernet 
©  RS232  Console  and  Modem  Ports 


DUAL  BUS  -48VDC 


RPC-4840 

©  Dual  -48VDC,  40  Amp  Circuits 
©  Telnet,  lOBaseT  Ethernet 
©  RS232  Console  and  Modem  Ports 
©  On/Off/Reboot  Switching 


CODE  ACTIVATED  - 
EXPANDABLE 


RPS-10 


©  Single  10  Amp  Circuits 

©  Expandable  to  10  Individually 
Switched  Plugs 

©  RS232  Control  Port 


FIVE  CIRCUIT 
-48VDC  POWER  BAR 


RPB+DC30 


©  Five  Individually 
Switched  Circuits 

©  Switch  -48V DC,  12  Amps 
each  Circuit,  30  Amps  Total 


uuifc 


□ 
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©  Also  Available  in  115VAC 
and  230VAC  Models 


www.wti.com 


1300)  854-7226 


5  Sterling  •  Irvine  •  California  92618-2517 


Keeping  the  Net... 
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UltraLink 


■  Connects  to  standalone  computers  or  any  KVM  switch 

■  High  quality  16-bit  video  at  up  to  1280x1024  resolution 

*  Easy  to  install,  give  it  an  IP  address  and  run  the  Viewer 
program,  no  user  license  required 

■  Encrypted  communication  produces  highly  secure  operation 

■  Scaling  and  scrolling  features  for  maximum  flexibility 


UltraLink  sets  a  new  standard  in  remote  management  of  server  room 
environments.  It  saves  you  money  by  allowing  you  to  centralize  your  IT 
resources.  Since  it  does  not  depend  upon  software  loaded  on  your 
computers,  it  deploys  easily  and  works  on  any  operating  system,  such 
as  Windows,  Linux,  Solaris,  Unix,  or  OSX. 

The  UltraLink  digitizes  the  remote  computer's  video.  It  then  scales, 
compresses,  encrypts,  and  packetizes  it  into  the  TCP/IP  protocol.  At 
your  PC  the  free  Viewer  application  receives  and  displays  the  video  and 
sends  back  keyboard  and  mouse  data.  This  process  allow  you  to  access 
remote  computers  from  anywhere. 


Rose  Electronics 
10707  Stancliff  Road 
Houston,  TX  77099 


USA  toll  free 
ROSE  US 
ROSE  Europe 
ROSE  Asia 


800  333  9343 
281  933  7673 
+44(0)  1264  850574 
+617  3427  5353 


Manage'IOOO’sIbf  compute^  via 
Ethernet  or  dial-up  from  ANYWHERE 


■  Single  mouse  cursor  simplifies  user  interface 

■  See  four  servers  from  one  screen  with  quad  screen  mode 

■  Lifetime  free  flash  upgrades 


Rose  is  a  leading  manufacturer  of  switching,  extension,  and  access 
products.  As  a  KVM  industry  pioneer,  Rose  is  known  for  its  technically 
superior  and  price  competitive  products. 

Join  the  ranks  of  many  successful  companies  using  UltraLink,  call  Rose 
to  learn  more  about  KVM  Access  over  IP  as  well  as  KVM  Switches  and 
Extenders. 


WWW.ROSE.COM 


ELECTRONICS 


Broadband  wireless 
that  works  for  you 


Campus  Mesh 
Point-to-multipoint 
Building-to-building 
Backbone 


LESS  NETWORKING 

rvv.  wa  ve  wireless,  com 

^t-WAVE  (9283)  •  941  -907-2300  •  FAX  941  -355-021 9 


READY 


Guess  what  Yahoo!  JieS 


"The  Cytlades-TS  Series  of  Console  Access  Servers  provides  the  highest  port  density  ond  security 
at  a  very  competitive  price.  By  usina  Linux  as  the  embedded  OS.  it  offers  the  flexibility 


required  to  manage  our  dynamic  environment.  The  Cydades-TS  is  a  key  element  to  help 
us  keep  our  servers  up  and  running."  -  Pete  Kumler,  Manager  of  Site  Operations,  Yahoo!  Inc. 


f  •  -  -  *  c  '  4?  i 

1 

1 


Cydades-TS  Series 

Console  Access  Server 


1/4/8/16/32/48  RS 


First  Linux-based  Ter 
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Request  for  your  FREE  CAS  booklet  at 


THE  LEADER  IN 
LINUX 

CONNECTIVITY 


www.cyclades.com/nw 

1-888-CYCLADES  1-888-292-5233 
510-770-9727 
sales@cyclades.com 
Fremont,  CA 


CYCLkDES 


©2002  Cyclades  Corporation.  All  rights  reserved.  All  other  trademarks  and  product  images  are  property  of  thier  respective  owners.  Product  information  subject  to  change  without  notice. 
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Want  to  cut  costs?  Lay  off  a  few  servers... 


NETWORKS 


...and  still  increase  your  site’s  performance. 


Downsize  your  data  center 

It’s  a  nice  idea  from  management.  Is  it 
possible?  It  is  with  Redline  Networks’  Web  I/O 
Accelerators.  Deploy  in  any  network  in  about 
an  hour,  and  deliver  benefits  from  the  first  byte 
served. 


Maximize  Server  Capacity 

Web  I/O  Acceleration  eliminates  the 
inefficiencies  of  web  and  cache  servers, 
drastically  expanding  their  load  carrying 
capabilities. 

Reduce  Costs 

Besides  eliminating  server  and  licensing  costs, 
Web  I/O  Acceleration  cuts  bandwidth  use 
about  50%  by  optimizing  content. 

Faster  Performance 

Web  I/O  Acceleration  optimizes  total  Internet 
communications — for  secure,  dynamic,  and 
static  traffic — speeding  server  response  time 
and  user  downloads. 


Il  Free  White  Paper 

3  Web  I/O  Acceleration  Technology  Overview 

3  www.RedlineNetworks.com/wp 


Web  I/O 

Acceleration 


■— i  Increase 

51  Speed 


51  Capacity 


Reduce 

Cost 


For  more  information:  www.RedlineNetworks.com  1.877.550.6420 


Fax  server 
Dial  access 
Data  collection 
Modem  pooling 
Internet  access 


ore  you  buy! 

1-275-3500,  ext.  61 5 
=;3p-tlay  evaluation! 


>equinox.com 


iafijtt'in Equinox  products  visit  our  website  at  -  www.equinox.com 
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A  24/7  Internet  Alarm 


■ 


Keynote’s  Red  Alert  service  can  monitor  and 
execute  end-to-end  checks  of  any  TCP-ena  led 
Internet  application  or  device  24/7/365. 
Whenever  a  server  or  network  fails,  Keynote’s 
Red  Alert  service  isolates  the  problem  and 
immediately  notifies  you  with  full  details  via 
e-mail,  pager  or  cellphone.  Or  all  three, 

Red  Alert.  Another  way  Keynote  helps  you 
expect  the  unexpected. 


For  a  30  day  free  trial  of  Red  Alert 

Go  to  http://www.redalert.com 
Or  call  1(800)  548-4517 


KEYNOTE 

flL.  i  The  Internet  Performance  Authority 
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How  do  you  reboot  l6 

eauroment  units... 


using  Zero  U 

of  rack  space? 


9  Sdltry  POWER  TOWER  :  Your  Zero  U  Reboot  Solution 


16  remotely  addressable  power  outlets  - 
The  highest  density  available  of  any 
Remote  Power  Management  vertical  strip. 
30-amp  power  Input  feed  distributed 
across  16  outlets. 

Mounts  vertically  In  your  equipment  rack  or 
cabinet  and  requires  Zero  U  of  tack  space. 
Load  Sense  provides  real-time  current 
monitoring  in  the  remote  screen  interface 
and  through  a  built-in  LED  display  for  on¬ 
site  measurement. 

Power-up  sequencing  of  all  16  outlets 
prevents  an  In-rush  current  overload. 
Telnet,  SNMP,  Modem  or  RS-232  interfaces  for  easy, 
practical  and  secure  power  management  of  remote 
Internetworking  equipment. 


Install  the  new  Sentry  Power  Tower  in 
your  data  center,  NOC  or  co-to  facility 
and  gain  the  advantage  of  remotely 
rebooting  up  to  16  of  your  equipment 
units  -  without  occupying  any  space  in 
your  rack  or  enclosed  cabinet 

Try  the  New  Sentry  Power  Tower  in  your 
rack  or  cabinet  and  realize  the  benefits 
of  Intelligent  Power  Distribution  and 
Remote  Power  Management 


See  our  complete  product  line  at  wwmuervertech.com 
or  call  800835.1515  or  775J84.2000 


Amtiier  great  product  front  i  .  . -1 

Server  Technology,  Inc* 


PC  Magazine's 
Editor's 
Choice 
Award 

m 

MAGAZINE 

EDITORS’ 

CHOICE 

July  2002 
SilentRunner  3.0 
SilentRunner.  Inc.. 


Computers!  orld 
Honors 
21  st  C  ento r\ 
Award 


SilentRunner  is  the  lens  into  your  network  providing 
the  only  network  security  solution  that  applies 
state-of-the-art  analysis,  correlation  and 
3-D  visualization  software  to  network  security 
analysis  -  exposing  threats  and  abuses  that  just 
can’t  be  seen  with  standard  security  technologies. 


SilentRunner 

A  Atrthton  Compiler 


For  your  free  Technical  White  Paper, 

visitwww.silentrunner.com 

or  call  800.842.2366  today. 


Want  better 
control  of 


Power  up 
with  Paragon 


Trade  in  your  tired,  old  KVM  boxes 
for  the  Cat5-based  Paragon®  —  and 
save  up  to  $1600  on  every  switch. 

Since  1985,  Raritan  has  been  the  technical  leader  in  KVM 
switching  and  remote  management  solutions  for  accessing 
and  controlling  servers. 

Today,  the  most  powerful,  reliable,  and  secure  KVM  solution 
available  is  Paragon  from  Raritan.  Award-winning  Paragon 
is  the  only  solution  with  Cat5  Simplicity!  and  multi-platform 
support  for  2  to  64  users  having  direct  control  of  16  to 
10,000  servers. 

The  time  to  power  up  with  Paragon  is  now.  Take  advantage 
of  our  generous,  limited-time  trade-in  rebate  and  get  back 
up  to  $1,600  per  Paragon  switch  purchased. 


Call  1  -800-724-8090,  visit  www.raritan.com.  or 
see  us  at  Comdex  in  Las  Vegas  (booth  #1316). 

Rebate  offer  ends  November  30, 2002. 


EDITOR'S  CHOICE 


V*«  it 
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Anywhere,  anytime  access. 

liet  a  free  online  demo  of  secure 
Web  browser  access  to  Paragon 
via  our  TeleReach®  option. 

To  schedule  a  demo  from  your 
desktop,  visit  www.raritan.com. 


Raritan,  Paragon,  Cat5  Simplicity,  and  TeleReach  are  registered  trademarks  of  Raritan 


;4  R  S/6 000 
*.  Netfinity 
HP9000 
4  AS/400 


SAN  Solutions 
HP  Netserver 


Server 

Configuration  Guide 


RLD 


Easy  to  use.  Convenient. 

At-a-  glance  infonnation  for 
selecting  the  right  server  for  your 
application  with  processor,  memory  and 
storage  information.  Available  for  HP,  IBM, 
Sun  and  Compaq.  Call  877.231.2451  or  visit 
www.wdpi.com  to  request  your  FREE  Server 
Configuration  Guide. 


Buy  •  Sell  •  Lease  •  Repair  •  New  •  Refurbished  •  Used 

www.wdpi.com  •  877.231.2451 

121  Cheshire  Lane,  Minnetonka,  MN  55305  U.S.A. 


Instantly  Search  Gigabytes  of  Text 


dtSearch* 


The  Smart  Choice  for 
Text  Retrieval ®  since  1991 


"Superb  ...  a  multitude  of  high-end  features"  —  PC  Magazine 

"A  powerful  text  mining  engine  ...  effective  because  of  jk. 
the  level  of  intelligence  it  displays"  —  PC  Al 

"Very  powerful  ...  a  staggering  number  of  ways 
to  search"  —  Windows  Magazine 

"Impressive"  —  PC  Magazine  Online 

"A  tremendously  powerful  and  capable 
text  search  engine" —  Visual  Developer 

"Intuitive  and  austere  ...  a 
superb  search  tool"  —  PC  World 


ipiaiaaf 


Fast,  precision  searching 

♦  over  two  dozen  text  search 
options 

♦  indexed,  unindexed,  fielded 
and  full-text  searching 

Organization-wide  reach 

♦  highlights  hits  in  HTML  and  PDF 
while  keeping  embedded  links 
and  images  intact 

♦  converts  other  file  types  —  word 
processor,  database,  spreadsheet, 
email,  ZIP,  XML,  Unicode,  etc.  — 
to  HTML  for  display  with 
highlighted  hits 

1 -800-IT-FINDS 
www.  dtsearch.  com 

sales@dtsearch.com 


*  ’Industrial-strength-. 
superb*-*  m 

Desktop 

Find  anything, 
anywhere, 
instantly  ♦  $199 


Spider  and  search 
Web  sites  ♦  included 
with  all  products 


Network 

Search  the  many 
forms  of  data  that 
exist  across  a  large 
enterprise  network 

♦  from  $800 


Publish  a  searchable 
database  to  CD,  DVD 

♦  from  $2,500 


Add  power 
searching  to 
a  product 

♦  extensive 
sample  source 
code  in  multiple 
programming 
languages 

♦  from  $999 


Web 


Add  instant 
searching  to  your 
site  ♦  $999  per  server 


Stop  by  www.dtsearch.com 
for  30-clay  evaluation  versions 


This  is  the  way  to  learn!. 


ecurity+ 

Training 


Media-Rich  Content 
Challenging  Labs 
Comprehensive  Tests 
Practical  &  Proven 


Security*-  Certification  $265 

Introductory  Offer!  Limited  Time!  ' '  “ 


LearnKey 


Available  ONLY  at  learnkey.com/networld 


c-’jftv  Cod#  (M04I 

"Ac  '  -  ted  ut«  lor  Single -Users.  Please  call  for  Multi-User  pricing  and  Corporate  solutioas. 


Self-Paced  Computer  Training 


15  Year  Anniversary  Savings! 

■BBS 

Network + 

4  Sessions 

$ 

265 

reg.  $  355 

i-Net-t- 

5  Sessions 

$ 

315 

reg  $  425 

Windows  XP  Professional 

6  Sessions 

$ 

370 

reg.  S  495 

Windows  2000  Network  Security  Design 

3  Sessions 

$ 

195 

reg.  $  265 

Cisco"  MCNS 

6  Sessions 

$ 

710 

reg.  $  945 

ONetwotkWorld 

NetSmart  Learning  Partner 


To  Place  Your  Listing  Here 
Call  Enku  Gubaie  at  (800)  622-1108 


NetworkWorlds 


-  v.  v 
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CISCO  NORTEL 


UP  TO  85%  OFF 

CURRENT  TECHNOLOGY 

NEW  •  REFURB  /  BUY  •  SELL 


THIS  MONTH'S  HOT  SPECIALS 

Passport  8648TX  Enterprise  Routing  Switch  Module  (Refurbished) 

48  port  autosensing  10BASE-T/100BASE-TX  Ethernet  Layer  switching  interfaced 

Special  $4,800 

Cisco  2924-CXL  (Refurbished) 

22  Port  10/100  Ethernet  Switch  «  2  Ports  B-FX 

Special  $675 

While  Supplies  Last 

ASN2  Base  Unit  32  M  48V  Redundant  Power  (Refurbished) 

Special  $895 

16  MB  Nortel  Compatible  PCMCIA  Flash  Card 

Special  $225 

NLE  OFFERS  FREE  LIFETIME  TECHNICAL  SUPPORT 

SPECIALS  EXPIRE  11/15/02 

NORTEL 

NETWORKS 


B  RMHI 


caaeTRon 

_ SYSiems 


Bay  Networks 


NATIONAL  LAN  EXCHANGE  •  WWW.NLE.COM 


888-8LANWAN 

Call  for  Free  Quote!  (888-852-6926) 


OptimumDatalnc. 

www.optimumdata.com 

We  alyTS 
Used  Cisc 


toll  free  800  879  8795 
ph:  +  1  402  575  3000 
fax:  + 1  402  575  20 1 1 


1 20/Day 

Cisco  •  Paradyne  •  ADTRAN  •  Sun  •  Extreme  Networks 


NEW-USED 
WE  BUY-WE  SELL 

J 


Cisco  Siitedi 


caaeTRon 

_ SYsrems 


LEGACY/ DISCONTINUED 
PRODUCTS  SPECIALISTS 
OUR  20TH  YEAR! 
ERGONOMIC  ENTERPRISES,  Inc 
47  WERMAN  CT. 
PLAINVIEW  NY  11803 
1-877-4LAN-WAN  (452-6926) 
Inri:  001-516-293-5200 
fx  516-293-5325 
www.4lanwan.com 

rich@4lanwan.com 


Smartronix 

Network 
Test  Tool 

S 699 

10/100  Ethernet  LAN  Tester 


PDA  Based! 


(FREE  Palm  ml05 
included) 


Design  Engineers: 

Evaluate  &  test  new 
equipment  under 
development 
Network  Engineers: 

Determine  faulty 
NIC  cards,  wiring,  & 
network  equipment 

►  Displays  network  utilization,  packets 
&  statistics 

►  Captures  &  generates  various  error 
packets 

►  Network  load  testing  function 

►  Full  auto  negotiation  &  DHCP  ready 


Toll  Free  1-866-442-7767 
www.smartronix.com/products 


FIBER  OPTIC 
SOLUTIONS 

•  T1/E1  &  T3/E3  Modems 

•  RS-232/422/485  Modems  and 
Multiplexers 

•  IBM  3270  Coax,  AS/400  Twinax,  and 
RS/6000  Modems  and  Multiplexers 

•  LAN  -  Arcnet/Ethernet/Token  Ring 

•  Video/Audio/Hubs/Repeaters 

•  ISO  -  9001 

S.I.TECH 

Toll  Free  866-SITech-1 
630-761-3640,  fax  630-761-3644 

www.sitech-bitdriver.com 


*499 


*959 


Versa  Tables 
Factory  Direct  Prices 
Lifetime  Warranty  made  In  USA 
310-873-0364  www.versadlrect.coni 


Systems/Features/Memory 


Also  Available:  wellfleet,  Bay,  Fore, 
Xylogics,  Livingston,  &  Ascend 

in  Stock  •  Fast  Delivery  •  No  Expedite  Charges 

COMSTAR,  INC. 

The  #7  Network  Remarketer 

952*835*5502 

Fax  952.835*1927  E-Mail:sales@comstarinc.com 


FIBER  OPTIC 
InfiniBand 

FOR  SERVERS 

PCI-X,  2  PORTS  @  10  GBPS 

HIGH-SPEED  LINKS 

TO  300  METERS 

PMC  BOARDS  AVAILABLE 
FOR  CompactPCI 


FirstStar  Networks 


Tel:  781-899-6400 
www.FirstStarNetworks.com 


For  more  information  on  advertising 
in  the  Marketplace,  STOP  everything, 

and  call  now! 
800-622-1108  ext.  6465 


STOP 


Marketplace 


■ 

■  * 
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Average  Order  Asse 

Give  us  a  break,  it’s  a  26,1 


r:  10  Minutes 


ft.  warehouse. 


We  selL  buy.  and  base  the  best  new  and  refurbished  networking 
equipment  and  systems  at  the  lowest  prices  anywhere. 

Isn't  it  abo  ut  time  you  made  the  smart  choice? 

Trust  the  Experts -  We  Specialize  In... 

Cistt  Systems 


.Continental 

Compute  rs 


digital 


Authorized  COMPAQ. 
ReSe"e'  Alpha  SYSTEMS 

Triaee  iogos  are  a  MdBmart  cV  rwpeewe  ccmfarws  and  serves 


www.conticomp.com  *  310.416.1200 


^■COS*, 


§ 

CO 


mm 


Tel:  408.727.1122 

Fax:  408.727.8002  technologies,  inc. 

343  1  DE  LA  CRUZ  BLVD.  SANTA  CLARA,  CA  95D54 
WWW.RECURRENT.COM  INFQ@RECURRENT.COM 


CISCO 


New  &  Used 
Fully  Guaranteed 
Overnight  Delivery 


Se  habla  Espanol 
Wir  sprechen  Deutsch 


800.451.3407 


90  Castilian  Drive.  Suite  110.  Santa  Barbara;' CA  931.17 


Routers 
Switches 
Interface  Modules 
Access  Servers 
Accessories 


www.networkhardwarE.com 

T;  BUY  ONLINE 


11 


LSI 


NETWORK  HARDWARE  RESALE 


U 


Leukemia  Support  Group 

Helping  cancer  victims  for  three  years 


Call  610-970-2703 

_ I 


IT  CAREERS 


careers 


O 
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j  IT  Director-Atrica,  a  leading 
provider  of  Optical  Ethernet 
solutions,  is  looking  for  qualified 
applicants  for  the  position  of 
IT  Director.  Will  oversee  the 
company's  technical  direction  for 
product  development,  and  direct 
development  of  internal  IT  infra¬ 
structure,  Requires  experience 
directing  technical  operations  & 
systems  development.  Please 
forward  resume  to:  Atrica,  Inc., 
attn:  Lynnette  Fisher,  3255-3 
Scott  Blvd.,  Santa  Clara,  CA 
95054;  fax  (408)  982-1 921 ;  or  e- 
mail:  jobs@atrica.com  Visit  our 
website  at  http://www.atrica.com 
EOE 


SnapStream  Media,  Inc.  is  a 
leading  developer  of  digital  en¬ 
tertainment  software  and  appli¬ 
cations  paving  the  way  for  the 
streamlined  digital  connection 
between  networking  technology 
and  digital  devices  as  well  as 
PC's.  Our  company  currently  has 
openings  for  the  following: 

Systems  Analysts:  Analyze,  de¬ 
sign,  develop,  test,  and  implement 
computer  applications  for  digital 
media  using  XML,  C++,  SOAP, 
and  DirectX.  Create,  edit,  and 
enhance  test  applications  using 
Windows  Programming,  Windows 
Applications  Programmer  Inter¬ 
face,  VB  Scripting,  and  Windows 
Media  Software  Development  Kit. 
Candidate  will  be  responsible  for 
implementing  release  build  pro¬ 
cedures  throughout  the  life  cycle 
and  compose  final  production  re¬ 
leases  using  Wise  for  Windows 
Installer  and  Microsoft  ORCA 
database  tool.  Perform  user  ac¬ 
ceptance  testing,  regression, 
and  functional  testing  using  Em- 
pirix  E-tester.  Requires  a  Bach¬ 
elor's  in  Computer  Science  or  a 
related  field  and  1  year  of  expe¬ 
rience. 

Send  resume  to:  ATTN:  Mr.  Rakesh 
Agrawal,  C.E.O.,  Snapstream 
Media,  Inc.,  6730  Long  Drive, 
Houston,  TX.  77087  or  via  email 
at:  recruit@snapstream.com 


Desmac  Corporation,  is  an  IT 
and  computer  software  firm  spe¬ 
cializing  in  data  driven  business 
applications  including,  Internet, 
Intranet,  client-server,  sales  force 
automation,  and  E-commerce 
applications.  Our  company  cur¬ 
rently  has  openings  for  the 
following: 

Programmer  Analysts:  Plan,  test 
and  develop  Internet  based  pro¬ 
grams  for  ERR  customer  relation¬ 
ship  management,  sales  force 
automation,  and  E-commerce 
using  SOAP  and  XML-remote 
procedure  call.  Design  and  de¬ 
velop  applications  using  .Net, 
Visual  Studio,  Advanced  Reve¬ 
lation,  Java,  and  Flash  on  Oracle 
and  SQL  Server  databases.  In¬ 
teract  with  clients  to  design  the 
functions  of  software  according 
to  client  specifications.  Requires 
Bachelor's  degree  in  Engineer¬ 
ing  or  a  related  field  and  2  years 
of  experience. 

Send  Resume  to:  ATTN:  Mr.Varon 
Pacht,  President,  Desmac 
Corporation,  1605  S.  Parkway, 
Suite  105,  Sugar  Land,  TX 
77478  or  via  e-mail  at:  hrjobs 
@  desmac.com 


Computer  Systems  Analyst  - 
Des  Moines,  Iowa:  Design, 
Develop  and  Implement  the  next 
generation  IP  platforms  using 
tools  and  software  such  as  Java, 
C,  C++with  back  end  Oracle, 
SQL,  Sybase  databases  to 
implement  the  next  generation 
IP  platforms  suchas  Unix,  windows 
to  provide  an  integrated  man¬ 
agement  system.  Bach  Degree 
in  Comp.  Science,  Math  or  Engg 
w/2  yrs  of  exp.  in  job  offered  or 
as  Programmer  Analyst/Systems 
Analyst  reqd.  M-F;  9.30AM-6PM. 
$7600Q/yr.  Send  two  resumes  to: 
#Job  Order  Number  1101619, 
Iowa  Workforce  Center,  215 
Watson  Powell,  Jr.  Way,  Des 
Moines,  Iowa  50309-1727. 


CyberSoft  Technologies,  Inc.  is  a 
rapidly  growing  computer  busi¬ 
ness  system  and  technology  so¬ 
lutions  provider  specializing  in 
Web-based  solutions,  web  inte¬ 
gration,  databases,  data  ware¬ 
housing,  CRM,  CTI,  and  knowl¬ 
edge  management.  Cybersoft 
currently  has  openings  for  the 
following: 

Systems  Analysts:  To  analyze, 
design,  develop,  implement,  and 
test  web  applications  using  web 
design  and  interface  tools  Illus¬ 
trator,  Fireworks,  and  Cascading 
Style  Sheets,  as  well  as  Active 
Server  Pages,  .NET,  Oracle, 
Sybase,  VC++,  EJB,  WebLogic, 
C  Sharp,  and  Seagate  Crystal 
Reports,  UNIX  and  LINUX  oper¬ 
ating  systems.  Candidate  must 
be  able  to  use  functional  knowl¬ 
edge  of  web-based  applications 
and  database  structure  for  appli¬ 
cation  development  and  installa¬ 
tion.  Need  Bachelor's  degree  in 
Computer  Science  or  a  related 
field.  Need  2+  years  of  experi¬ 
ence. 

Send  resume  to:  ATTN:  Human 
Resources:  Cybersoft  Technolo¬ 
gies,  Inc.,  4420  FM  1960  West, 
Suite  #222,  Houston,  TX  77068- 
3411  or  via  email:  infomaster 
©cybersofttech.com 


Senior  Principal  Engineer  -  CCBS; 
Dulles,  Virginia:  Provide  technical 
customer  support  for  US  &  inter¬ 
national  users  of  the  five  in¬ 
stances  of  the  Customer  Care  & 
Billing  System  (CCBS)  &  its 
interfaces  to  the  relevant  media¬ 
tion  devices  &  switches.  Analyze 
&  determine  which  system,  data¬ 
base,  business  process  or  inter¬ 
face  has  caused  the  problem  & 
provide  solutions.  Create  scripts 
to  fix  or  monitor  the  databases. 
Provide  guidance  &  recommen¬ 
dations  regarding  business  prac¬ 
tice  modifications.  Work  with 
switch  &  mediation  device  engi¬ 
neers  &  technical  users  world¬ 
wide  to  test  &  implement  CCBS. 
Apply  knowledge  of  Oracle  and 
UNIX  systems,  GUI,  switch  & 
mediation  device  databases  &  all 
of  the  business  processes  of  the 
billing,  invoicing  and  provisioning 
systems.  Bachelor's  degree  or 
equivalent  in  ElectricaL  Engi¬ 
neering  or  a  closely  related 
field. &  6  yrs  exp.  in  the  position 
offered  or  in  a  systems  engi¬ 
neering  position  two  yrs  of  which 
must  have  been  in  the  telecom¬ 
munications  industry.  6  yrs  exp. 
must  include  at  least  two  yrs  exp 
with  switch  protocols,  mediation 
devices,  oracle  databases,  tele¬ 
com  products  &  billing  systems 
&  billing  product  development. 
40  hrs  per  wk,  domestic  &  int'l 
travel  required  (25%).  Send 
resume  to  Carrie  Carr-Main, 
ORBCOMM,  21700,  Atlantic 
Boulevard,  Dulles,  VA  20166 


Software  Engineer  Needed  to 
develop  middle-ware  components 
for  real-time  management  and 
testing  of  various  network 
devices  utilizing  a  common 
platform  to  manage  CDMA, 
TDMA,  GSM  and  other  environ¬ 
ments.  MS  in  C,  Science  or 
related  field  &  programming 
experience  in  Java,  XML,  CORBA, 
Visibroker  required.  Send  resumes 
/salary  history  to:  Alexander 
Gavrilov,  SoftTrend,  Inc.,  6160 
N.  Cicero,  Suite  124,  Chicago,  IL 
60646. 


Chief  Computer  Programmer: 
Plan,  develop,  program,  test  & 
document  computer  programs 
using  structured  analysis;  ana¬ 
lyze  &  write  detailed  program 
specifications;  design  &  deploy 
systems  using  Sterling’s  COOL: 
GEN,  Oracle  9iAS,  Oracle 
Designer  6i,  &  Oracle  Developer 
6i.  Req.  BS  in  CS  or  related  or 
foreign  equiv  degree  plus  4  yr 
work  exp.  Hrs:  8a-5p,  M-F.  Send 
resume  to  Moorecroft  Systems 
202  Abbey  Ct.,  Alpharetta,  GA 
30004  Ref  ST. 


PROGRAMMER  ANALYST 
To  work  in  various  unanticipated 
locations  throughout  the  U.S. 
Duties:  Analyze,  develop,  test  and 
document  computer  programs 
including  business  applications 
and  network  communication  pro¬ 
grams.  Evaluate  user  requests 
and  software  program  require¬ 
ments  for  new  and  modified  pro¬ 
grams.  Write  specifications,  code, 
test  and  debug  computer  pro¬ 
grams.  Use  of  Oracle,  Oracle 
Database,  Developer  2000,  HTML, 
TOAD  and  Windows  NT.  Bachelor's 
degree  in  Computer  Science, 
Computer  Applications  or  Math¬ 
ematics,  plus  1  year  in  the  job 
offered  or  1  year  in  a  related 
occupation  including  Systems 
Analyst  or  Programmer.  40  Hrs/wk, 
9AM-6PM,  $51,910.00/yr.  Must 
have  proof  of  legal  authority  to 
work  in  the  United  States.  Send 
your  resume  to  Iowa  Workforce 
Center,  902  W.  Kimberly  Road, 
Suite  51,  Davenport,  IA  51806- 
5783.  Please  refer  to  Job  Order 
IA1 101624.  Employer  paid  ad¬ 
vertisement. 


E  Computer  Technologies,  Inc., 
is  a  computer  and  technology 
solutions  provider  of  business- 
to-business  and  E-commerce 
application  implementation  and 
integration  services  specializing 
in  E-purchasing  systems.  Our 
company  currently  has  openings 
for  the  following: 

Programmer  Analyst:  Analyze, 
design,  develop,  test,  and  imple¬ 
ment  B2B,  Enterprise  Resource 
Planning,  and  Customer  Rela¬ 
tionship  Management  technolo¬ 
gies  and  applications  using  Oracle 
on  UNIX,  and  IBM  mainframe 
with  Customer  Information  Control 
System,  Job  Control  Language, 
COBOL  II,  SQL,  and  DB2  data¬ 
base  on  Multiple  Virtual  Storage 
/Enterprise  System  Architecture. 
Conduct  requirements  analysis 
and  perform  unit,  functional,  in¬ 
tegration  and  system  testing 
of  the  converted  applications. 
Interact  with  clients  to  design  the 
functions  of  software  according 
to  client  specifications.  Need 
Bachelor's  degree  in  Computers, 
Engineering,  or  related  field  and 
2  years  of  experience. 

Send  Resume  to:  Mr.  Ravi  Kumar 
Gadde,  Sr.  Systems  Analyst,  E 
Computer  Technologies,  Inc., 
777  S.  Central  Expressway,  Ste 
#4-F,  Richardson,  TX  or  via  e-mail 
at:  jobs  @  ecomputertech.com 


MindTree  Consulting,  an  expand¬ 
ing  IT  consulting  company  offering 
product  realization  services  to 
Internet  infrastructure  and  device 
vendors,  is  searching  for  qualified 
IT  professionals  to  join  its  growing 
team.  Presently,  we  have  posi¬ 
tions  for  Network  Administrators 
and  Software  Consultants.  Ex¬ 
perience  with  Cisco  Router, 
Compaq  servers,  Implemented 
Checkpoint  network  security  fire¬ 
walls,  Rational  Rose,  iPlanet 
Webserver,  Sun  Microsystem's 
J2EE  architecture  desired.  Qual¬ 
ified  applicants  will  have  a  bach¬ 
elor's  degree  in  a  relevant  field 
and  qualifying  industry  experi¬ 
ence.  Positions  may  require 
relocation  to  various  client  sites 
throughout  the  United  States. 
Qualified  applicants  submit 
resumes  to  HR  Department,  The 
Tower  at  270  Davidson  Avenue, 
Suite  305,  Somerset,  NJ  08873. 


Lead  BW  Analyst  -  Prov  tech 
suppt  for  Data  Warehouse  initia¬ 
tives  using  SAP's  BW  s/w. 
Analyze,  design,  develop,  imple¬ 
ment  &  suppt  SAP  R/3  &  BW 
Rptg  solutions  using  SAP  BW 
database  designs,  data  modeling, 
relational  databases,  OLAP,  SQL 
&  visual  development  environ¬ 
ments.  Bach's  deg  in  Comp  Sci, 
Physics  or  Engrg  reqd  +  4 
yrs  exp  in  job.  Fax  resumes  to: 
201-825-7567. 


Tekstrategy  Inc.  is  a  leading  in¬ 
formation  technology  and  soft¬ 
ware  development  firm  delivering 
customized  technology  products 
and  services  to  businesses 
worldwide.  We  are  presently 
looking  for  the  following: 

Software  Engineers:  To  design, 
develop,  maintain  and  implement 
product  design  and  manufactur¬ 
ing  applications  using  Oracle 
Developer,  Peoplecode,  SQR, 
and  C++  on  UNIX  and  Windows 
Operating  Systems.  Develop, 
test,  and  maintain  interfaces  be¬ 
tween  Oracle  and  legacy  systems 
using  Triggers,  data  administra¬ 
tion  operation  tools,  object  security, 
reporting  tools  used  for  Oracle 
Financials,  and  tree  manager 
Peoplesoft  query.  Need  Bachelor's 
in  Computer  Science  or  Engi¬ 
neering.  Need  4  years  of  experi¬ 
ence. 

Send  resume  to:  Venkat  Iyer, 
Tekstrategy  Inc.,  5024  Nautica 
Lake  Circle,  Green  Acres,  FL 
33463,  or  via  e-mail:  viyer® 
tekstrategy.com 


Strongsville  Software  Co.  needs 
Project  Engineer  to  be  responsible 
for  assisting  in  the  adaptation 
/modification  of  state  of  the  art 
machine  control  software  pack¬ 
ages  for  company's  require¬ 
ments;  assist  in  the  designing, 
adaptation,  modification,  testing, 
implementation,  installation,  and 
service  of  equipment  and  soft¬ 
ware  in  customer's  facilities,  under 
the  supervision  of  the  engineer; 
assist  in  providing  customer  sup¬ 
port  for  PC  hardware  and  soft¬ 
ware,  interoffice  training  and 
customer  training  on  software 
developed  by  the  company,  under 
the  supervision  of  the  engineer. 
Bachelor's  Degree  in  Applied 
Mathematics  (or  equiv)  and  min. 
3  months  in-job/job  related  exp 
is  required.  Exp  must  include 
work  with  RSLINX,  RSVIEW, 
RSLOGIX,  Autocad,  Microstation, 
MS  Access,  MS  Excel,  and  MS 
Word.  Resumes  to:  e-JobAds, 
271 1 3  Brookpark  Rd.  Ext.  #1 27, 
North  Olmsted,  OH  44070. 


Applications  Programmer  Lead  - 
Responsible  for  developing  or 
modifying  procedures  required 
to  solve  complex  problems  taking 
into  consideration  computer 
equipment  and  capacity  and 
limitation,  operating  time  and 
form  of  desired  results.  Will  be 
responsible  for  program  design, 
coding,  testing,  debugging  and 
documentation.  Required:  Bach¬ 
elor's  Degree  or  foreign  degree 
equivalent  in  Computer  Science, 
Information  Systems,  Engineering 
or  related  field  and  five  years' 
related  experience  required  or 
Master's  degree  orforeign  degree 
equivalent  in  one  of  the  stated 
fields  and  three  years'  relevant 
experience.  Experience  must 
include  Java  language  skills  to 
include  J2EE;  Struts;  C++  and 
PI/SQL.  40+  hours  per  week, 
Monday  through  Friday,  8:00 
a.m.  to  5:00  p.m.  Send  resume 
to  Attn:  David  Godbee,  BellSouth 
Advertising  &  Publishing  Corpo¬ 
ration,  2247  Northlake  Parkway, 
Mailstop:  06C  61 7,  Tucker,  Georgia 
30084. 


Infogen  is  seeking  IT  profession¬ 
als.  Req.  BS.  Skills  in  following 
area  are  plus:  Oracle9i,  Weblogic 
/  WebSphere,  C++,  Visual  C++, 
VB,  COM,  STL,  MTS,  MSMQ, 
ASP,  Java,  HTML,  XML,  MTS, 
MSMQ,  ADO,  UML.  Travel  is 
required.  Send  resume  to 
infojobs  @  infogeninc.com. 

KBTS  Tech  is  looking  for  Sys¬ 
tem/Quality  Analysts.  Install  and 
configure  Sun  Solaris  8/2.6  on 
Sun  E3500,  E450  Enterprise 
Servers  &  Sparc  workstations. 
Also  configure  I/O  devices  (Eth¬ 
ernet,  SCSI  and  tape  drives)  and 
other  peripherals.  Minimum  BS. 
Apply  at  info@kbtstech.com. 
EOE 


SYSTEMS  ANALYST  Analyzes 
user  requirements,  procedures 
and  problems  to  automate  pro¬ 
cessing  or  to  improve  existing 
computer  systems. 

Must  be  able  to  travel  extensively. 
Bachelor  of  Science,  Engineering 
or  Math  related  2yrs  experience 
in  job  offered. Included  in  the 
2  yrs  job  experience  in  Oracle 
Financials  1 1  i,  HR/payroll  1 1  i,  on 
GL,  AR,  AP,  OE,  OAB,  AOL  and 
HR/Payroll  modules,  FSG,  Oracle 
Fast  Formulas,  SQL*  Loader 
scripts,  Unix  scripting  for  batch 
jobs  and  CRON  jobs,  Pro*C  in¬ 
cluding  front-end  development 
using  Oracle  Reports  6i  and 
Oracle  Discoverer  4i,  Designer 
2000,  API's  with  PL/SQL  web 
tool  kit. 

Apply  by  resume  to  Human 
Resources  Department,  Capricorn 
Systems  Inc.,  3569  Habersham 
at  Northlake,  Bldg  K,  Tucker  GA 
30084. 


Seeking  qualified  applicants  for 
the  following  position  in  Memphis, 
TN:  Technical  Advisors.  Provide 
technical  advice  and  expertise  to 
systems  development  project 
groups  in  defining,  developing 
and  reviewing  existing,  as  well 
as  proposed,  applications  for 
major  computer  systems. 
Requirements:  Bachelor's  degree* 
in  computer  science,  math,  MIS 
or  related  field  plus  7  years  of 
experience  in  systems/applications 
development,  including  program¬ 
ming.  Experience  with  Visual  Basic, 
SQL  Server,  and  Server  hardware 
also  required.  'Master's  degree 
in  appropriate  field  will  offset  2 
years  of  general  experience. 
Submit  resumes  to  Chris  Gibney, 
Federal  Express  Corporation, 
2600  Nonconnah  Blvd.,  Suite 
191,  Memphis,  TN  38132.  EOE 
M/F/D/V. 


SW  Eng:  Design  Windows  and 
Unix  applications  for  streaming 
video  and  video  conferencing 
products  over  Ethernet  and  ATM 
networks  using  C,  C++,  and 
html.  Create  and  apply  DirectX 
/DirectShow  filters.  Create  players 
to  allow  user  to  set  preferences, 
convert  streams  to  different  for¬ 
mats  w.  Windows  media  format 
SDK.  Design  interfaces  with  COM. 
Apply  re  Ad  #4  to  B.  Meehan, 
VbrickSystems  Inc.,  1 2  Beaumont 
Rd.,  Wallingford,  CT  06492, 
email:  bridgetm@vbrick.com 


Network  Administrator  wanted 
to  install,  configure,  and  support 
offices'  local  area  network  and 
wide  area  network.  Manage 
hubs/routers  and  servers,  install 
hardware  and  software  and 
perform  related  duties.  BS  in 
Computer  Science  and  two 
years  related  experience  re¬ 
quired.  Send  resume  to  HR,  The 
Crossroads  Center,  P.O.  Box 
19723,  Cincinnati,  OH  45219. 


Jr.  Software  Engineer  to  work 
under  the  direction  of  Sr.  Software 
Engineers  &  assist  in  the  design, 
analyses,  development,  coding, 
testing,  optimizing,  &  implementing 
various  applications  for  mobile 
devices  using  C,  C++,  SDS 
debugging,  Icrane,  ClearCase  & 
DDTS  for  version  control  &  defect 
tracking.  Reqd:  B.S.  C.S.  &  6 
mos.  of  rel.  exp.  40  hrs/week, 
9am-5pm.  Send  resume  to  J. 
Brigham,  HR  #A27, 7301  Parkway 
Drive,  Hanover,  MD  21076. 


Senior  Infrastructure  Engineer 
wanted  by  Fresh  Direct,  Inc.  in 
Long  Island  City,  NY.  Duties  in¬ 
clude  designing  and  implement¬ 
ing  high  performance,  scalable, 
and  robust  E-Business  infra¬ 
structure,  defining  standards  of 
publication  for  web  technology 
and  manage  all  aspects  of  the 
implementation  process,  providing 
on-call  technical  supports.  Master's 
degree  in  computer  Science  or 
related  fields  with  at  least 
two  years  experience  is  re¬ 
quired.  Please  send  resume  to 
jobs@freshdirect.com 

PROGRAMMER  ANALYST 

Design  and  develop  methodology 
&  counterparts  to  connect  back¬ 
end  legacy  systems  to  frontend 
web  browser  based  interface  on 
CICS  Mainframe  &  PC  platforms 
using  WebSphere,  COBOL  & 
Java.  Conduct  tests  &  provide 
ongoing  support.  Req:  Bachelors 
in  Comp.  Sci.,  Comp.  Eng.,  or 
Elec.  Eng.  and  2  yrs.  exp.  40hr 
wk.  Job/Interview  Site:  Westlake 
Village,  CA.  Send  resume  to 
Data  Select  Systems,  Inc.,  2829 
Townsgate  Rd.,  #300,  Westlake 
Village,  CA  91361. 


Clines  Software  Consulting,  Inc., 
an  IT  company  is  looking  for 
qualified  individuals  for  the 
following  positions:  Programmer/ 
Analyst  Software  Engineer,  Project 
Manager,  Project  Leader,  Business 
Development  Manager.  Candidate 
must  be  willing  to  travel 
extensively. Send  resume to:716 
N.  Valley  St.,  Suite  A,  Anaheim, 
CA  92801 . 


OPERATION  RESEARCH  ANA¬ 
LYST  wanted  by  production, 
assembly  and  manufacture  of 
personal  computer  company  in 
Houston,  TX.  Must  have  Master 
in  Operations  Research  or  Math¬ 
ematics  and  1  yr.  exp.  in  Manu¬ 
facture  ERP  system.  Respond 
to:  HR  Dept.,  Foxconn  Corp., 
8801  Fallbrook  Dr.,  Houston,  TX 
77064.  Attn:  CKYM. 


Trusted 
by  more 
hiring 
managers 
than  any 
IT  space 
in  the 
world. 


Become  a  microsoft  Windows  2000  Security  Expert. 

It’s  easy.  Just  point,  click  and  choose  the  format  that  uiorks  best  for  you: 
•CD-RORl  •UJeb-Based  •Hands-On  •Uirtual  Classroom 

Uisit  lletSmart  today  at  www.nwnetsmart.com 
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Project  Manager  (Denver,  CO)- 
OneWorld  Client  Manager 
Paradigm  Technologies,  a  Petro¬ 
leum  Place  Company,  is  an  en¬ 
ergy  software  company  seeking 
a  OneWorld  Client  Manager 
(Project  Manager)  to  oversee  the 
post-sales  customization  &  im¬ 
plementation  of  accounting  & 
financial  software  applications 
for  the  upstream  oil  &  gas  industry. 
This  software  integrates  with 
JDE  OneWorld  financial  software 
applications.  Requirements  in¬ 
clude  a  Bachelor's  degree  or 
foreign  equivalent  in  accounting 
or  related  field;  2  years  of  expe¬ 
rience  designing  &  developing 
financial  software  applications 
that  must  fully  integrate  with  JDE 
OneWorld  financial  software  ap¬ 
plications  for  the  upstream  oil  & 
gas  industry.  Respond  with  resume 
via  surface  mail  only  to:  Human 
Resources,  Petroleum  Place/ 
Paradigm  Technologies,  1099 
Eighteenth  St.  Ste.#2950,  Denver, 
CO  80202,  referring  to  #PT9.02 
OneWorld.  We  are  an  equal 
opportunity  employer. 


Reg.  Project  Mgr.,  Littleton,  CO: 
Apply  management  principles 
to  develop  &  implement  info,  sys¬ 
tems  projects,  ind.  project  est., 
plan,  recruitment,  monitoring. 
Identify  risks/solutions,  bus. 
analysis  &  dev.;  prep,  reports, 
ind.  mktg.,  sales,  press  releases, 
dev.  user  doc.,  training  material, 
training  class;  dev.  ad  hoc  sys¬ 
tems/data  manipulation,  system 
specs.,  system  plan,  dev.  test 
plan,  using  expert  skills  in  MS 
Project,  MS  Access,  MS  Office. 
Req.:  BS  in  Comp.  Science  or 
Business  Mgmt.  +  ext.  exp.  in  IT 
Mgmt.  ind.,  typical  systems  dev. 
life  cycles,  budgeting,  training  & 
supervisory  exp.  Business  analyst 
skills,  knowledge  of  SQL  &  query 
cons.  Ability  to  handle  multiple 
projects  simultaneously.  Resume 
to:  Judith  Barbuto,  Instructional 
Design  Assoc.  10061  Talbert 
Ave.,  Suite  235,  Fountain  Valley, 
CA  92708. 


Programmer:  Develop  basic 
applications  for  using  JAVA  and 
JDBC-ODBC  to  communicate 
with  MS  SQL  database  for  in¬ 
ventory  control  and  automation. 
Write  programs  to  utilize  Lab  View 
software  for  automated  equipment 
testing.  Maintain  and  test  con¬ 
sistency  of  applications.  Perform 
unit  testing,  monitoring,  fine- 
tuning,  troubleshooting  and  bug¬ 
fixing  duties.  Write  specifications 
and  documentation  as  requested 
within  level  of  experience.  Assist 
Q.C.  Dept,  with  automation  and 
use  of  spectrum  analyzer,  noise 
figure  meter,  and  network  analyzer. 
Work  within  a  multinational  and 
multilingual  work  environment 
and  interface  with  IT  and  Engineer 
personnel  at  vendors  and  OEM 
customers  in  North  America  and 
at  manufacturers  and  suppliers 
in  China  and  Taiwan.  Req.  BS  in 
CS  or  CIS  with  9  months  experi¬ 
ence  in  job  offered  or  as  pro¬ 
grammer/analyst.  Proficiency 
in  JAVA,  MS  SQL.  AutoCAD. 
$47,500.00  per  year,  40  hr/wk, 
8-5.  Send  resume  to  Dir.  of  HR, 
Pro  Brand  International,  Inc., 
1 900  West  Oak  Circle,  Marietta, 
GA  30062 


Quantitative  Programmer  Analyst, 
Wachovia  Corp.,  Old  Greenwich, 
CT.  Design  &  develop  computer 
programs  &  systems  for  con¬ 
vertible  bonds  trading.  Reqs.  MA 
in  Comp.  Science  or  Eng.  &  1  yr 
exp  in  financial  industry  devel¬ 
oping  trading  systems  for  con¬ 
vertible  bonds,  quantitative  mod¬ 
eling,  value-at-risk  calculations, 
new  appl.  dvlp.,  developing  & 
converting  specs,  into  code,  & 
testing  &  prep,  of  code  for  prod, 
working  in  K  or  a  similar  special 
purpose  language  used  for 
financial  analytics.  Graduate 
work  or  thesis  incl.  work  w/  dvlp. 
&  implementation  of  complex 
quantitative  models  is  also  reqd. 
Send  resume  &  cvr.  Itr.  to  Sabrina 
Miller,  Wachovia  Corp.,  301  N. 
Tryon  Street,  NC  0953,  Charlotte, 
NC  28288-0953.  No  phone  calls 
please. 


SYNAPSE  GROUP,  INC.,  a 
leading  computerized  magazine 
marketing  company,  is  looking  to 
hire  qualified  candidates  for  the 
following  positions: 

Software  Engineer  to  research, 
analyze,  formulate  and  help  de¬ 
sign  software  systems;  to  predict 
and  measure  outcome  and  con¬ 
sequences  of  design  using  sci¬ 
entific  analysis  and  mathematical 
models;  to  help  develop  and 
direct  software  system  testing 
procedures,  programming  and 
documentation;  to  help  design 
and  tune  speech  recognition  in¬ 
terfaces  for  phone-based  IVR 
sales  and  customer  service  sys¬ 
tems.  At  minimum,  a  Bachelor's 
degree  in  Computer  Information 
Systems  required.  Extensive 
knowledge  in  internet  applica¬ 
tions,  HTML,  SQL,  ASP  and 
ORACLE  preferred. 
Programmer  Analyst  to  plan, 
develop,  test,  document  and 
update  computer  programs  to 
increase  operating  efficiency;  to 
enter  program  codes  into  comput¬ 
er  systems;  to  evaluate  user  re¬ 
quirements;  and  to  monitor  per¬ 
formance  and  provide  technical 
assistance  to  program  users.  At 
minimum,  a  Bachelor’s  degree  in 
Computer  Science  or  it’s  equiv¬ 
alent  required.  Sound  knowledge 
in  internet  applications,  HTML, 
SQL,  ASP  and  ORACLE  pre¬ 
ferred. 

Business  Analyst  to  research 
potential  markets;  analyze  sta¬ 
tistical  data  to  forecast  future 
marketing  trends;  initiate  and 
produce  timely  and  accurate  re¬ 
ports/analysis  to  improve  busi¬ 
ness  results;  and  to  develop  and 
maintain  sales  and  account 
management  reporting  systems. 
At  minimum,  a  Bachelor’s  de¬ 
gree  in  Business,  Finance  or  re¬ 
lated  discipline  required.  Strong 
PC  skills  and  good  financial/ac¬ 
counting  background  preferred. 
The  company  offers  a  competi¬ 
tive  compensation/benefit  pack¬ 
age  and  an  environment  where 
achievements  are  recognized  & 
professional  growth  is  encour¬ 
aged.  Qualified  applicants  are 
encouraged  to  mail  resumes  to: 
HR  Department,  Synapse  Group, 
Inc.,  Four  High  Ridge  Park, 
Stamford,  CT  06905. 


FT  Computer  Services  Manager. 
Multiple  positions.  Responsibilities 
include:  Manage  the  development 
and  implementation  of  marketing 
plans  for  NIITs  software  products 
and  services;  manage  strategic 
planning  and  budgeting;  develop 
and  negotiate  proposals  for  the 
provision  of  software  services; 
manage  marketing  analysts, 
systems  analysts  and  other 
technical  support  personnel;  and 
manage  client  relations.  Must 
have  a  Master’s  Degree  or  foreign 
equivalent  in  Business  Administra¬ 
tion,  Computer  Science  or  related 
field  and  three  years  of  experience 
as  a  Computer  Systems  Analyst, 
Marketing  Analyst  or  a  related 
occupation  or  a  Bachelor’s  Degree 
or  foreign  equivalent  in  Business 
Administration,  Computer  Science 
or  a  related  field  and  five  years 
of  progressive  experience  as  a 
Computer  Systems  Analyst, 
Marketing  Analyst  or  a  related 
occupation  for  the  computer 
software  industry.  Salary:  $84,000 
per  year  and  up,  commensurate 
with  experience.  If  interested, 
submit  resume  in  duplicate  to: 
Ms.  Sandy  Pruitt  NIIT  (USA),  Inc. 
1050  Crown  Pointe  Parkway, 
Suite  500  Atlanta,  GA  30338 


SENIOR  APPLICATION  DE¬ 
VELOPER  to  design,  develop, 
analyze,  implement  and  maintain 
web-based  software  applications 
using  Java,  JavaScript,  ASP,  Vi¬ 
sual  Basic,  XML,  SQL,  MS  SQL 
Server,  SOAP  and  Rational 
Rose;  integrate  Microsoft  web- 
enabled  products  with  front-end 
systems  and  back-end  systems. 
Require:  M.S.  in  Computer  Sci¬ 
ence/Mathematics/Information 
Systems  and  one  year  experi¬ 
ence  in  the  job  offered.  Competitive 
salary  and  benefits.  Apply  with 
resume  to:  Vice  President,  McKing 
Consulting  Corp.,  2900  Chamblee 
Tucker  Road,  Building  11, 
Atlanta,  GA  30341  (Job# 
PY001 ). 


The  Principal  Software  Engineer 
/Developer  will  be  responsible  for 
multiple  phases  of  small  market 
payroll  systems  and  software  ap¬ 
plications  development  projects, 
including  but  not  limited  to,  ana¬ 
lyzing  project  requirements;  de¬ 
signing  Oracle  HRMS-based 
software  applications  with  an 
emphasis  on  Oracle  forms  and 
reports;  establishing  and  moni¬ 
toring  project  plans;  and  acting 
as  an  expert  technical  resource 
across  functional  organizations. 
Will  provide  technical  leadership 
and  training  to  other  team  mem¬ 
bers,  and  will  be  responsible  for 
directing  and  monitoring  the  pro¬ 
ductivity  of  subordinate  profes¬ 
sional  team  members.  Will  write 
code  to  produce  software  that 
meets  company's  exacting  soft¬ 
ware  development  standards. 
Will  also  work  with  Quality  As¬ 
surance  organization  to  ensure 
that  software  components  meet 
system  acceptance  criteria; 
participate  in  the  transition  of 
software  to  production,  supporting 
the  installation  of  new  software 
components  to  the  production 
systems;  and  create  accompa¬ 
nying  technical  design  docu¬ 
mentation.  Requires  Bachelor's 
Degree  or  equivalent  in  Computer 
Science,  Engineering,  Mathe¬ 
matics,  or  Physics  and  five  (5) 
years  of  experience  in  Job 
Offered  or  five  (5)  years  of  expe¬ 
rience  in  Oracle  client/server 
application  development.  Alter¬ 
natively,  will  accept  Master's 
Degree  in  Computer  Science, 
Engineering,  Mathematics,  or 
Physics  and  three  (3)  years  of 
experience  in  Job  Offered  or 
three  (3)  years  of  experience  in 
Oracle  client/server  application 
development.  Candidate  must 
also  possess  demonstrated  ex¬ 
pertise  developing  APIs,  Forms 
and  Reports  using  Oracle  ERP 
solutions;  financials,  manufac¬ 
turing,  or  HRMS;  demonstrtated 
expertise  in  UNIX  shell  scripting 
and  SQL  tuning  using  TKPROF; 
and  demonstrated  expertise 
developing  front-  and  back-end 
applications,  packages,  functions, 
and  procedures  using  SQL  nav¬ 
igator,  Oracle,  PL/SQL  and  DEV 
2000.  Salary  $75,000/yr;  Mon- 
Fri,  9:00AM-5:00PM.  Submit  two 
(2)  copies  of  resume/letter  of 
application  to  Job  Order  #2002- 
265,  P.O.  Box  989,  Concord,  NH 
03302-0989.  EOE.  Applicants 
must  be  workers  eligible  to 
accept  employment  in  the  United 
States  on  a  full-time  basis. 


Sr.  Software  Engineer  wanted  by 
optical  networking  system 
developer  in  Oceanport,  N.J. 
Must  have  BS  degree  or  equivalent 
in  Electrical  Engineering  or  related 
field  and  8  years  exp.  in  job  offered 
or  in  Software  Engineering  or 
Design.  Experience  must  include 
designing  and  programming 
embedded  software  using 
C/C++  VxWorks,  developing 
communications  software  using 
Motorola  PPC  processors,  and 
experience  with  high-speed  optical 
control  circuits.  Respond  to 
Doreen  Sabol,  HR  Department 
(ref#  031 ),  Tellium,  Inc.,  2  Crescent 
Place,  Oceanport,  NJ  07757. 


Senior  Programmer  Analyst 
wanted  to  research,  design,  and 
develop  computer  software 
systems,  applying  principles  and 
techniques  of  computer  science, 
engineering,  science,  and  math¬ 
ematical  analysis,  using  COBOL, 
CICS,  MVS/ESA,  and  DB2. 
40  hrs./week.  8am  to  5pm.  $ 
67,766.40/year.  Must  possess 
Bachelor's  Degree  in  Electrical 
/Electronics  Engineering  or 
Computer  Science,  one  year  of 
experience  in  the  job  offered 
or  as  a  Software  Engineer/Pro¬ 
grammer,  and  six  months  expe¬ 
rience  with  COBOL,  CICS,  MVS 
/ESA  and  DB2.  Employer  Paid 
Ad.  Please  send  resumes  to 
MCDC/ESA,  P.O.  Box  11170, 
Detroit,  Ml  48202-1170.  Reference 
No.  202651. 
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Gigabit 

continued  from  page  1 

implementation.  “The  biggest 
obstacle  I  see  to  Gigabit  on  the 
desktop  is  that  there’s  no  killer 
app  for  it,”  says  Lawrence  Orans.a 
senior  analyst  with  Gartner. 
“There’s  no  need  for  a  main¬ 
stream  end  user  of  a  business  PC 
to  have  Gigabit  Ethernet  on  his 
desktop.  For  the  daily  computing 
tasks  most  enterprise  end  users 
take  on  —  e-mail,  Web  browsing 
and  some  client/server  applica¬ 
tions —  10/100M  bit/sec  Ethernet 
is  just  fine.” 

While  applications  such  as  voice 
and  video  have  been  touted  as 
killer  applications  for  desktop 
Gigabit,  this  is  a  misconception, 
Orans  says.  An  uncompressed 
voice  call  over  IP  takes  up  only 
64K  bit/sec  of  bandwidth.  A  quali¬ 
ty  video  stream  is  not  much  high¬ 
er,  averaging  from  200K  to  400K 
bit/sec. “That’s  a  drop  in  the  buck¬ 
et  when  you’re  talking  about  a 
100-megabit  connection,”  he  says. 

Users  seem  to  agree. 

“If  all  you’re  doing  is  checking 
e-mail,  surfing  the  Web  and  using 
word  processing  programs,  there’s 
no  need  for  Gigabit  Ethernet  on 
the  desktop”  says  John  Savage, 
chief  systems  engineer  at  Chris¬ 
topher  Newport  University  in 
Newport  News,Va.“  [Gigabit  Ether¬ 
net]  is  useful  when  we  have  to 
move  large  amounts  of  data  on 
and  off  a  server/ 

Savage  has  deployed  around 
two  dozen  workstations  with  cop¬ 
per-based  Gigabit  Ethernet  con¬ 
nections  using  3Com  PC  adapter 
cards  and  switches.  The  Gigabit 
desktops  are  used  mostly  by  his  IT 
staff  for  tasks  such  as  database  file 
maintenance  and  application 
development.  But  he  does  not 
foresee  a  widespread  deployment 
of  Gigabit  copper  ports  in  the 
near  future  to  areas  such  as  fac¬ 
ulty  and  staff  offices,  or  student 
computer  labs. 

Despite  lukewarm  demand 
from  users  and  skepticism  from 
analysts,  vendors  seem  unde¬ 
terred.  In  HP’s  case,  the  company 
will  announce  the  ProCurve  2724, 
a  24-port  10/1 00/ 1 OOOM  bit/sec 
switch  with  four  mini-Gigabit 
interface  card  (GBIC)  slots  for 
fiber-optic  uplinks.  HP  also  is 
releasing  its  eight-port  ProCurve 
2708  with  eight  copper  Gigabit 
ports  for  smaller  workgroups. 

“We  are  starting  to  see  Gigabit 
Ethernet  become  more  afford¬ 
able,  and  with  that  it  will  be¬ 
come  easier  to  distribute  corpo¬ 
rate  applications,”  says  Darla 
Sommerville,  general  manager 
for  HP’s  ProCurve  Networking 


Grabbing  up  Gigabit 
Ethernet 

Dropping  Gigabit  Ethernet 
prices . . . 


Average  Gigabit  Ethernet  port  cost 
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. . .  have  led  to  wide  adoption 
of  Gigabit  Ethernet . . . 

Gigabit  Ethernet  adoption 


H  Will  implement  in  next  T2  years 
No  plans  to  implement 
Not  sure 

. . .  with  much  of  it  being 
deployed  over  existing  copper 
cabling  infrastructures. 

Not  sure 


Over  copper  3.Q%  Over  Conner 


40.1% 

SOURCES:  NETWORK  WORLD  500  SURVEY;  IDC 

business.  “The  idea  is  to  get  as 
much  power  to  the  edge  of  the 
network  as  possible.” 

Foundry  will  release  a  new  Gig¬ 
abit  Ethernet  workgroup  box  this 
week  with  its  Edgelron  24G, which 
has  24  10/ 100/1  OOOM  copper 
ports  and  four  mini-GBIC  uplinks. 

“As  desktop  processing  power 
goes  up,  workstations  and  PCs  can 
now  take  advantage  of  Gigabit 
desktop  connections,”  says  Joe 
Tomasello,  product  marketing 
manager  for  Foundry  “Having 
ports  that  can  autosense  [10- 
megabit] ,  Fast  and  Gigabit  Ether¬ 
net  connection  speeds  also 
allows  customers  to  ease  into  a 
Gigabit  desktop  deployment.” 

Last  month,  Cisco  released  a 
four-slot  version  of  its  Catalyst 
6500  switch,  along  with  a  48-port 
lOOOBase-T  module  aimed  at 


high-density  wiring  closets. 

“These  announcements  of  Giga¬ 
bit  desktop  switches  are  pre¬ 
empting  the  current  demand,” 
says  Joshua  Johnson,  a  research 
analyst  with  Synergy  Research 
Group.  “Vendors  want  to  be  there 
when  customers  are  ready  to  do 
Gigabit  to  the  desktop.  They  want 
to  have  products  available  and 
create  brand  awareness.” 

While  PC  makers  such  as  Dell, 
Apple  and  HP  are  building  Gigabit 
Ethernet  LAN-on-motherboard 
(LOM)  transceivers  as  standard  in 
their  desktop  machines,  observers 
say  that  limitations  in  PCI  bus 
technology  prevents  desktops 
from  utilizing  a  full  Gigabit  pipe. 

The  vendors  acknowledge  this. 
Dell  PCs,  outfitted  with  10/100/ 
1000M  LOMs,  can  provide  “a  max¬ 
imum  send  speed  of  about  500 
megabits  per  second  and  a 
receive  speed  of  about  800  meg¬ 
abits  per  second.  This  speed  limi¬ 
tation  is  due  to  the  32-bit  PCI  slot 
bandwidth,”  according  to  Dell’s 
Web  site.  “There  are  no  plans  to 
add  64-bit  PCI  slots  on  desktop 
computers  so  the  desktop  peak 
send  speed  will  remain  at  about 
500  megabits  per  second.” 

For  now,  Gigabit  desktop  con¬ 
nections  are  limited  to  niche  mar¬ 
kets  that  have  unusual  end-user 
bandwidth  demands,  such  as  the 
movie  special-effects  industry. 
Weta  Digital,  a  New  Zealand  com¬ 
pany  responsible  for  the  digital 
special-effects  in  the  “Lord  of  the 
Rings”  trilogy,  uses  dozens  of 
Linux-based  and  Apple  Macin¬ 
tosh  workstations  outfitted  with 
Gigabit  Ethernet  connections,  as 
well  as  copper-based  Gigabit 
Ethernet  switches  from  Foundry 

“The  first  time  I  heard  about 
Gigabit  Ethernet  I  thought,  how 
do  I  get  it  to  the  desktop?”says  Jon 
Lab  re,  CTO  at  Weta  Digital.  He  says 
it  is  not  uncommon  for  artists  to 
download  and  upload  multigiga¬ 
byte  image  files  dozens  of  times 
throughout  the  day  “The  amount 
of  material  we  have  to  move  over 
the  network  every  day  is  pretty 
extraordinary’ 

Similarly  Pixar,  makers  of  “Toy 
Story”  and  “Monsters,  Inc.,”  uses 
around  400  Linux-based  IBM 
IntelliStation  workstations  with 
Gigabit  Ethernet  connections  for 
its  digital  animation  artists.  Cisco 
copper  Gigabit  switches  are  used 
to  link  the  PCs  to  the  network. 

Speaking  at  a  conference  earlier 
this  year,  Darwyn  Peachey  Pixar’s 
vice  president  of  technology  said 
the  high  speed  at  which  his  shop’s 
workstations  can  move  data  is 
integral  to  getting  the  company’s 
films  out  on  time. 

Whether  you  need  Gigabit 


Ethernet  now  or  not,  it  might  be 
hard  to  resist  such  low  prices, 
according  to  recent  market  data. 

The  average  price  for  a  fixed- 
configuration  Gigabit  Ethernet 
port  has  dropped  by  around  30% 
over  the  last  two  years,  according 
to  IDC.  Many  vendors  such  as  Deli 
now  offer  Gigabit  switch  ports  as 
low  as  $100.  Gigabit  Ethernet  net¬ 
work  interface  cards  are  available 
in  the  $100  range  from  vendors 
such  as  3Com,Asante  and  Intel. 

“We’re  expecting  that  Gigabit 


Ethernet  will  be  the  standard  for 
all  Ethernet  on  the  desktop  in  two 
years,”  Synergy  Research  Group’s 
Johnson  says.  While  the  upgrade 
cycle  to  Gigabit  on  the  desktop 
and  10  Gigabit  in  the  core  has  not 
started  in  earnest  yet,  many  busi¬ 
nesses  are  starting  small  with 
Gigabit-capable  PCs.  “For  a  few 
bucks  more,  why  not  future-proof 
your  network  now?”  ■ 

Get  more  information  online. 
DocFinder:  2948 
www.nwfusion.com 


ID  mgmt.  tool  upgraded 


■  BY  JOHN  FONTANA 

HERNDON, VA.—  Calendra  this 
week  will  release  the  newest  ver¬ 
sion  of  its  directory  management 
software,  which  will  provide  net¬ 
work  executives  with  tools  for 
managing  user  identities  across 
directories  and  databases. 

The  tools  are  designed  to  sup¬ 
port  certain  aspects  of  corporate 
identity  management,  which  is 
the  ability  to  integrate  and  man¬ 
age  user  identities  across  hetero¬ 
geneous  systems.  Network  execu¬ 
tives  are  becoming  interested  in 
identity  management  because  it 
can  save  time,  increase  security 
and  reduce  costs. 

Calendra’s  Directory  Manager 
4.0  is  a  tool  for  creating  and  de¬ 
ploying  directory-enabled  appli¬ 
cations  for  user  self-service,  such 
as  password  reset.  With  Version 
4.0,  Calendra  is  adding  support 
for  Structured  Query  Language 
so  identity  data  from  database 
applications  such  as  enterprise 
resource  planning  and  CRM  can 
be  accessed  by  Directory  Man¬ 
ager.  Calendra  also  is  adding  an 


import  and  export  feature,  which 
allows  data  from  multiple  user 
repositories  to  be  synchronized. 

“Calendra  makes  everything 
look  like  it  is  coming  from  a  sin¬ 
gle  source,  and  that  allows  us  to 
give  our  users  one  interface  into 
directory  information,”  says  Alan 
Wright,  senior  manager  of  sys¬ 
tems  technology  for  Brown  & 
Williamson  Tobacco  in  Louisville, 
Ky  He  says  support  for  SQL  in 
Directory  Manager  4.0  means  he 
has  more  flexibility  in  compiling 
identity  data. 

Other  companies,  such  as  IBM, 
Microsoft,  Novell  and  Sun, are  cre¬ 
ating  identity  management  plat¬ 
forms,  and  smaller  vendors  such 
as  Netegrity  Oblix  and  RSA  Se¬ 
curity  are  trying  to  broaden  their 
product  lines  through  acquisi¬ 
tions  and  partnerships. 

Directory  Manager  4.0  is  a  Java 
2  Platform  Enterprise  Edition 
application  and  runs  on  Apache 
Tomcat,  which  ships  with  the 
product;  IBM  WebSphere;  BEA 
WebLogic;  and  SunOne.  It  is  ex¬ 
pected  to  ship  this  month  and 
will  cost  $10  per  user.B 
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Emusic  blows  the  details 


I’ve  been  observing  a  skirmish 
between  a  group  of  subscribers 
to  the  online  music  service 
Emusic.com  and  the  service’s  man¬ 
agement.  What  it  brought  home  was 
how  important  the  details  are  if  you 
want  to  be  successful. 

1  have  written  about  Emusic  before  but  let  me  re¬ 
cap:  Emusic.com  is  an  online  service  now  owned 
by  Vivendi  Universal  Net  USA  (VUNet  USA)  and 
Universal  Music  Group,  a  division  of  Vivendi 
Universal. The  company’s  published  terms  and  con¬ 
ditions  (www.nwfusion.com,  DocFinder:  2952)  says 
that, “subject  to  certain  limitations  as  described 
herein, you  are  granted  unlimited  download  rights 
to  our  catalog  of  MP3  music  files”  for  a  fee  as  low 
as  $9.99  per  month. 

When  Emusic  first  started  I  immediately  sub¬ 
scribed  and  was  ecstatic  about  it.  My  music  habit 
has  been  well-fed  and  I  have  discovered  artists  I 
might  never  have  heard  of  otherwise. 

But  a  few  months  ago  things  started  to  change  in 
little  ways.  Emusic  had  a  cookie  system  that,  if  you 
enabled  it,  would  log  you  into  its  Web  site  automati¬ 
cally  whenever  you  visited. The  cookie  logon  just 
stopped  working.  A  small  thing,  perhaps,  but  very 
annoying  —  particularly  when  the  site  now  also 
automatically  logs  you  out  after  a  few  minutes. 


But  the  biggest  change  happened  recently: 

Emusic  started  canceling  subscriptions.The  compa¬ 
ny’s  main  complaint  (as  outlined  in  a  company 
statement  1  received  Oct.  28)  is  some  subscribers 
“do  not  follow  the  usage  terms  outlined  in  our 
terms  and  conditions. . . .  Examples  of  violations 
include  the  sharing  of  passwords,  use  of  automated 
systems  to  download  massive  numbers  of  tracks 
and  other  activity  ...  in  excess  of  what  is  reasonable 
for  one’s  personal  use.  Accounts  that  we  believe  are 
violating  the  terms  and  spirit  of  the  service  are  sub¬ 
ject  to  cancellation.” 

Not  surprisingly  the  subscribers  who  were  booted 
were  annoyed.  And  with  good  reason:  Emusic  specif¬ 
ically  said  “you  are  granted  unlimited  download 
rights  to  our  catalog  of  MP3  music  files.”  The  limita¬ 
tions  clause  doesn’t  carry  any  other  volume  proviso, 
so  the  term  “unlimited”  must  mean  just  that. 

This  means  that  the  statement’s  definition  of  a 
“violation”  of  usage  terms  is  based  on  unstated 
behaviors  and  limits  as  deduced  by  Emusic. That 
makes  it  a  little  tricky  for  subscribers  to  stay  on  the 
right  side  of  acceptable  behavior. 

A  spokesman  for  VUNet  USA  Music  said  every 
downloaded  track  requires  Emusic  to  pay  a 
“mechanical”  rights  fee  of  5  to  10  cents. 

Thus,  anyone  downloading  more  than,  say,  133 
tracks  per  month  (equivalent  to  10  or  12  average 


albums)  is  an  unprofitable  account  if  they  are 
paying  $9.99. 

According  to  comments  on  a  discussion  list,  a 
company  representative  was  quoted  as  saying  that 
the  number  of  people  abusing  the  system  amounts 
to  about  0.5%,  which,  given  the  subscriber  base  of 
65,000,  is  a  miniscule  325  people. 

It  seems  no  one  had  thought  about  how  extreme 
subscriber  behavior  might  affect  the  economics  of 
the  operation.  And  no  one  seems  to  have  consid¬ 
ered  that  booting  users  and  disabling  cookie  logon 
would  only  damage  the  company’s  brand. 

When  I  asked  about  the  cookie  logon  being  aban¬ 
doned,  Curry  said  it  had  been  discontinued  to  make 
it  harder  for  people  to  abuse  the  system,  but  he  had 
no  idea  how  or  why,  and  frankly  neither  do  I. 

All  of  this  because  no  one  thought  through  the 
details.  And  it  is  worth  noting  that,  according  to  a 
recent  Reuters  news  story, Vivendi  is  rethinking  the 
strategy  for  its  online  music  properties. This  may  be 
the  beginning  of  the  end  for  Emusic.  Darn  it. 

Now  you  might  think  this  to  only  be  a  lesson  for 
online  services,  but  the  same  moral  applies  to  cor¬ 
porate  IT:  It’s  always  the  details  that  bite  you.  Next 
week  we’ll  look  at  how  details  affect  IT’s  relation¬ 
ship  with  the  organization. 

Send  a  message  to  backspin@gibbs.com. 
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By  Paul  McNamara 


Like  PointCast  without  the  pork 

Describe  a  product  such  as  KlipFolio  from 
Serence  and  many  a  mind  turns  immediately  to 
PointCast,  which  way  back  in  the  mid-1990s  pio¬ 
neered  push  technology  mere  seconds  before  giv¬ 
ing  it  a  bad  name:  bandwidth  hog. 

Serence  CEO  Allan  Wille  wants  to  avoid  that  par¬ 
ticular  PointCast  pitfall,  as  well  as  another  more 
commonplace  one:  failing  to  make  money. 

This  still  is  an  incredibly  difficult  business  for  us  to  monetize,"  says  Wille,  who 
is  unusually  candid  —  and  apparently  pragmatic  —  for  an  entrepreneur.  "We’ve 
been  talking  to  a  tremendous  number  of  brand-name  content  providers,  and  I 
would  say  almost  none  of  them  would  pay  us  real  cash  for  this  product.  It’s  all 
bartering  arrangements,  advertising  swaps  and  risk-sharing-type  models  that 
they  would  get  into.  Cash  right  now  for  these  guys  is  incredibly  tight." 

The  Sporting  News  is  an  exception.  It  is  using  Serence's  KlipFolio  technology  to 
push  hot-off-the-presses  sports  news  to  readers  who,  it  is  hoped,  eventually  will 
orovide  the  publication  with  a  new  revenue  stream.  Wille  says  The  Sporting  News 
sees  fantasy  sports  enthusiasts  —  a  notoriously  rabid  bunch  —  as  most  likely  to 
pony  up  cash  for  the  immediacy  that  push  services  promise. 

KlipFolio  provides  end  users  with  a  small  desktop  window  into  which  is  delivered 
a  stream  of  informational  tidbits  and  links  to  outside  data  repositories. 

jt  cuts  through  the  clutter  and  delivers  the  important  stuff  without  delivering 
<  u  garbage,"  Wille  says.  "It’s  really  a  jumping  board  to  further  information." 

Still  there  remains  that  nagging  problem  of  getting  people  to  cough  up  cash. 
VWIe  says  the  best  opportunity  for  Serence  to  crack  that  nut  is  with  the  enter- 
•C.9  network  executive.  As  his  company  this  week  prepares  to  launch  Version  2.0 


of  KlipFolio,  which  will  offer  more  granular  personalization  features,  Wille  says  its 
focus  is  turning  much  more  directly  toward  corporate  accounts. 

As  for  the  unwanted  legacy  of  PointCast  (since  reborn  as  Infogate):  "It  was  a 
hog,"  Wille  recalls,  anything  but  fondly. 

Which  begs  the  question:  Does  KlipFolio  go  oink-oink? 

“No,  actually  not,  because  we  want  to  put  it  on  cell  phones  and  wireless 
devices,”  he  says.  “Our  tool  is  a  300K  download,  and  each  individual  channel  is 
about  4K,  and  that's  important  because  eventually  when  these  channels  get 
pushed  to  wireless  devices,  size  really  is  everything." 

Microsoft  shows  apologies  are  cheap 

This  so-called  guerrilla  marketing  is  getting  old.  As  you  might  have  noticed, 
Microsoft  was  excoriated  recently  for  littering  urban  landscapes  with  hundreds 
of  12-  to  20-inch  butterfly  decals  as  part  of  an  advertising  blitz  to  launch  the  lat¬ 
est  version  of  MSN.  This  adds  the  world's  most  famous  software  maker  to  the  list 
of  companies  —  including  IBM,  Snapple  and  Nike  -  that  have  used  this  annoying 
technique  to  promote  their  products. 

In  the  vast  pantheon  of  Microsoft  sins,  the  great  butterfly  caper  of  2002  proba¬ 
bly  won't  warrant  more  than  a  footnote,  but  it  was  galling. 

"We  made  a  mistake  with  the  decals,  and  we  take  full  responsibility  for  what 
happened,"  blathered  a  Microsoft  executive  after  the  company  took  its  pre¬ 
dictable  public  relations  pounding. 

Anyone  who  believes  the  company  didn’t  fully  anticipate  that  reaction  redefines 
the  word  naive. 

However,  New  York  officials  seemed  content  with  Microsoft's  mea  culpa. 

And  that  was  the  real  mistake.  If  cities  want  to  put  a  stop  to  this  nonsense 
they're  going  to  have  to  stomp  on  a  butterfly  or  two  somewhere  along  the  line. 

Want  to  stomp  on  a  columnist?  That  address  is  buzz@nww.com. 
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THE  STRAIGHT  GOODS  ON  SOFTWARE  INTEGRATION. 


INTEGRATION 


IS  ONCE  AGAIN  A 


Our  PATRIOTcompliance 
Solution  can  help  you 
meet  the  stringent  new 
requirements  of  the  USA 
PATRIOT  Act.  It's  secure, 
unobtrusive  and  cost- 
effective. 

And  it's  just  one  of  the 
software  integration 
solutions  available 
today  from  Sybase. 


The  Software 
Integration  Company. 

We  can  help  you  integrate 
all  the  data  and  business 
applications  in  your 
enterprise  and  extend 
them  to  any  location  in 
the  world.  So  you  can 
improve  efficiency  while 
preserving  your  existing 
infrastructure  investments. 


Leveraging  our  expertise 
in  database  technology 
and  powerful  new 
integration  tools,  Sybase 
can  help  integrate  all 
the  data  and  business 
applications  in  your 
enterprise. 

So  you  can  extract 
the  maximum  value 
not  only  from  your 
current  infrastructure, 
but  also  from  all  the 
information  that 
resides  within  it. 

Visit  www.sybase.com/ 
integrationsolutions. 
And  resolve  your 
integration  issues. 


i  Sybase 

Information  Anywhere" 
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■  Cost-effective  access 
routing  for  branch  office 
connectivity  and 
Internet  access 

■  Recognizable  Command 
Line  Interface  (CLI) 

■  No  retraining  or 
costly  certification 

■  Built-in  stateful 
inspection  firewall 

■  Interoperable  with  other 
standards-based  routers 

■  Optional  PBX  connectivity 

■  Optional  dial 
backup  system 

■  Built-in  DSU/CSU  for 
WAN  termination 

«  Free  24x7  telephone 
technical  support 

®  Optional  extended 
installation  and 
maintenance  program 


This  powerful  new  access  router  from  ADTRAN  is  everything  you 
need  in  a  router,  and  then  some,  at  a  cost  that’s  up  to  55  percent 
less  than  other  brand  name  routers.  This  high-quality,  low-cost 
alternative  features  a  stateful  inspection  firewall,  a  DSU/CSU,  and  a 
familiar  CLI.  Comprehensive  dial  backup  and  PBX  connectivity  are 
available  at  a  minimal  cost.  Interoperable  with  other  standards-based 
routers,  the  NetVanta  3000  series  fits  seamlessly  into  your  existing 
network.  Backed  by  unlimited  telephone  support  and  a  5 -year 
warranty,  the  NetVanta  3000  series  is  clearly  the  intelligent  choice. 

New  vendor  to  routing?  No  way!  ADTRAN  has  incorporated  its 
router  technology  into  selected  WAN  connectivity  products  for  the 
past  five  years;  with  more  than  75,000  now  installed  in  networks 
around  the  world.  The  NetVanta  3000  series  is  the  latest  in  a  long 
line  of  market-leading  internetworking  and  connectivity  solutions, 
from  a  company  with  a  17-year  history  of  customer  satisfaction. 

Dare  to  compare  the  new  NetVanta  3000  series! 

www.dare2compare.adtran.com 

877.212.0327  Technical  Questions 
877.280.8416  Where  to  Buy 


Experts  choose  ADTRAN7  Aouwi 
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